From 6600020ccaf316dbeaf5cb49e1f9a85b03d9227f Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 23 Mar 2023 17:23:55 -0700 Subject: [PATCH 1/5] Handles `Diagnostics` from `awsbase.GetAwsConfig` --- go.mod | 18 ++++++++--------- go.sum | 41 +++++++++++++++++---------------------- internal/conns/config.go | 42 +++++++++++++++++++++++++++++++--------- 3 files changed, 60 insertions(+), 41 deletions(-) diff --git a/go.mod b/go.mod index a40673d003f..fb5360f343c 100644 --- a/go.mod +++ b/go.mod @@ -64,8 +64,8 @@ require ( github.com/beevik/etree v1.2.0 github.com/google/go-cmp v0.5.9 github.com/hashicorp/aws-cloudformation-resource-schema-sdk-go v0.21.0 - github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.32 - github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.33 + github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.33 + github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.34 github.com/hashicorp/awspolicyequivalence v1.6.0 github.com/hashicorp/go-cleanhttp v0.5.2 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 @@ -106,18 +106,18 @@ require ( github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.11 // indirect - github.com/aws/aws-sdk-go-v2/config v1.18.28 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.13.27 // indirect + github.com/aws/aws-sdk-go-v2/config v1.18.32 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.13.31 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect - github.com/aws/aws-sdk-go-v2/service/iam v1.21.1 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.38 // indirect + github.com/aws/aws-sdk-go-v2/service/iam v1.22.1 // indirect github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.31 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 // indirect github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.13.1 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.21.1 // indirect github.com/aws/smithy-go v1.14.0 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect diff --git a/go.sum b/go.sum index 7dd87e91ce0..fbbfe4432ff 100644 --- a/go.sum +++ b/go.sum @@ -18,28 +18,24 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/aws/aws-sdk-go v1.44.316 h1:UC3alCEyzj2XU13ZFGIOHW3yjCNLGTIGVauyetl9fwE= github.com/aws/aws-sdk-go v1.44.316/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go-v2 v1.18.1/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= -github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= github.com/aws/aws-sdk-go-v2 v1.20.0 h1:INUDpYLt4oiPOJl0XwZDK2OVAVf0Rzo+MGVTv9f+gy8= github.com/aws/aws-sdk-go-v2 v1.20.0/go.mod h1:uWOr0m0jDsiWw8nnXiqZ+YG6LdvAlGYDLLf2NmHZoy4= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.11 h1:/MS8AzqYNAhhRNalOmxUvYs8VEbNGifTnzhPFdcRQkQ= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.11/go.mod h1:va22++AdXht4ccO3kH2SHkHHYvZ2G9Utz+CXKmm2CaU= -github.com/aws/aws-sdk-go-v2/config v1.18.28 h1:TINEaKyh1Td64tqFvn09iYpKiWjmHYrG1fa91q2gnqw= -github.com/aws/aws-sdk-go-v2/config v1.18.28/go.mod h1:nIL+4/8JdAuNHEjn/gPEXqtnS02Q3NXB/9Z7o5xE4+A= -github.com/aws/aws-sdk-go-v2/credentials v1.13.27 h1:dz0yr/yR1jweAnsCx+BmjerUILVPQ6FS5AwF/OyG1kA= -github.com/aws/aws-sdk-go-v2/credentials v1.13.27/go.mod h1:syOqAek45ZXZp29HlnRS/BNgMIW6uiRmeuQsz4Qh2UE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5/go.mod h1:Gj7tm95r+QsDoN2Fhuz/3npQvcZbkEf5mL70n3Xfluc= +github.com/aws/aws-sdk-go-v2/config v1.18.32 h1:tqEOvkbTxwEV7hToRcJ1xZRjcATqwDVsWbAscgRKyNI= +github.com/aws/aws-sdk-go-v2/config v1.18.32/go.mod h1:U3ZF0fQRRA4gnbn9GGvOWLoT2EzzZfAWeKwnVrm1rDc= +github.com/aws/aws-sdk-go-v2/credentials v1.13.31 h1:vJyON3lG7R8VOErpJJBclBADiWTwzcwdkQpTKx8D2sk= +github.com/aws/aws-sdk-go-v2/credentials v1.13.31/go.mod h1:T4sESjBtY2lNxLgkIASmeP57b5j7hTQqCbqG0tWnxC4= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.7 h1:X3H6+SU21x+76LRglk21dFRgMTJMa5QcpW+SqUf5BBg= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.7/go.mod h1:3we0V09SwcJBzNlnyovrR2wWJhWmVdqAsmVs4uronv8= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34/go.mod h1:wZpTEecJe0Btj3IYnDx/VlUzor9wm3fJHyvLpQF0VwY= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 h1:zr/gxAZkMcvP71ZhQOcvdm8ReLjFgIXnIn0fw5AM7mo= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37/go.mod h1:Pdn4j43v49Kk6+82spO3Tu5gSeQXRsxo56ePPQAvFiA= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.28/go.mod h1:7VRpKQQedkfIEXb4k52I7swUnZP0wohVajJMRn3vsUw= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 h1:0HCMIkAkVY9KMgueD8tf4bRTUanzEYvhw7KkPXIMpO0= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31/go.mod h1:fTJDMe8LOFYtqiFFFeHA+SVMAwqLhoq0kcInYoLa9Js= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 h1:8r5m1BoAWkn0TDC34lUculryf7nUF25EgIMdjvGCkgo= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36/go.mod h1:Rmw2M1hMVTwiUhjwMoIBFWFJMhvJbct06sSidxInkhY= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.38 h1:+i1DOFrW3YZ3apE45tCal9+aDKK6kNEbW6Ib7e1nFxE= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.38/go.mod h1:1/jLp0OgOaWIetycOmycW+vYTYgTZFPttJQRgsI1PoU= github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.20.1 h1:ZLvOIJuN9ejt4ySp9jD7kMea9j2gt1p7z+L+7PFde+c= github.com/aws/aws-sdk-go-v2/service/accessanalyzer v1.20.1/go.mod h1:InxaJbJ/jz3A+rCKp8wAP0HOVkvyXB8mbjWi2yBiyrM= github.com/aws/aws-sdk-go-v2/service/account v1.11.1 h1:x5nBXz5OgOxhFwOcQIoHE1XfDq9TNtYrDqO0V2bhMeM= @@ -78,15 +74,14 @@ github.com/aws/aws-sdk-go-v2/service/glacier v1.15.1 h1:gvIIqIl0aAnRktBHiH+3DYVD github.com/aws/aws-sdk-go-v2/service/glacier v1.15.1/go.mod h1:aV+2boRdoxySKTi0OooL/y19S0eBbSCCnxQqaNQ9YK8= github.com/aws/aws-sdk-go-v2/service/healthlake v1.17.1 h1:wzCawDyQCFm2Wryj6FT5q35mfgsKA/g/Um54RRtqjfk= github.com/aws/aws-sdk-go-v2/service/healthlake v1.17.1/go.mod h1:SF9NEZMx3R44KdrcOmHIUQh8gWh79ZcTv2XZaXr7uSk= -github.com/aws/aws-sdk-go-v2/service/iam v1.21.1 h1:VTCWgsrromZqnlRgfziqqWWcW7LFkQLwJVYgf/5zgWA= -github.com/aws/aws-sdk-go-v2/service/iam v1.21.1/go.mod h1:LBsjrFczXiQLASO6FtDGTeHuZh6oHuIH6VKaOozFghg= +github.com/aws/aws-sdk-go-v2/service/iam v1.22.1 h1:wIuOFPPOOX3YAuons6RbboSgzzbWTSew4ndU1oyz3+E= +github.com/aws/aws-sdk-go-v2/service/iam v1.22.1/go.mod h1:Z/fo7V12RMikcbwRqtZAHp3RaLbVcnSdnI9zyxOjwCM= github.com/aws/aws-sdk-go-v2/service/identitystore v1.17.1 h1:h0zxSuIABlthSLypvK4tTIHD8D+HkAGnEnN4D8pjxIw= github.com/aws/aws-sdk-go-v2/service/identitystore v1.17.1/go.mod h1:1hFdcK+ccHVg8G9WmEOYNeSHWBBuDrv0X2htdxLkqtE= github.com/aws/aws-sdk-go-v2/service/inspector2 v1.16.1 h1:1b4VIGtxBXUJ6d/pNA0PDrGVqgy6R+55Sz0ohyTsrQE= github.com/aws/aws-sdk-go-v2/service/inspector2 v1.16.1/go.mod h1:eNEIFReyvXQeB91nXgK7V0VHahM/eXwaJCe8Sc45FkE= github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.31 h1:L6ya7BMQ12LV6rsE1jiKm9ajsrnkRAYalatWRwFawHk= github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.31/go.mod h1:tp7VzPEi+bKtSCP5fSrsZrB271L6oC8CWP3g2cZLofU= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 h1:auGDJ0aLZahF5SPvkJ6WcUuX7iQ7kyl2MamV7Tm8QBk= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31/go.mod h1:3+lloe3sZuBQw1aBc5MyndvodzQlyqCZ7x1QPDHaWP4= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.0 h1:Wgjft9X4W5pMeuqgPCHIQtbZ87wsgom7S5F8obreg+c= @@ -143,12 +138,12 @@ github.com/aws/aws-sdk-go-v2/service/ssmcontacts v1.16.1 h1:40BN9rBBpxjEh6v4XfUD github.com/aws/aws-sdk-go-v2/service/ssmcontacts v1.16.1/go.mod h1:W6dOc+tJaL1NOEe0rOVosalIzv73BL7XBr291Yt82JM= github.com/aws/aws-sdk-go-v2/service/ssmincidents v1.22.1 h1:cZoROQkqmvvlh+axidXVNa4qhC/c8E854DdRiKzVfIU= github.com/aws/aws-sdk-go-v2/service/ssmincidents v1.22.1/go.mod h1:jbM7VbWNvdLgKhH/EfAKrfSUkiyMJXFyY7n9pMTsdEs= -github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 h1:sWDv7cMITPcZ21QdreULwxOOAmE05JjEsT6fCDtDA9k= -github.com/aws/aws-sdk-go-v2/service/sso v1.12.13/go.mod h1:DfX0sWuT46KpcqbMhJ9QWtxAIP1VozkDWf8VAkByjYY= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 h1:BFubHS/xN5bjl818QaroN6mQdjneYQ+AOx44KNXlyH4= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13/go.mod h1:BzqsVVFduubEmzrVtUFQQIQdFqvUItF8XUq2EnS8Wog= -github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 h1:e5mnydVdCVWxP+5rPAGi2PYxC7u2OZgH1ypC114H04U= -github.com/aws/aws-sdk-go-v2/service/sts v1.19.3/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.1 h1:DSNpSbfEgFXRV+IfEcKE5kTbqxm+MeF5WgyeRlsLnHY= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.1/go.mod h1:TC9BubuFMVScIU+TLKamO6VZiYTkYoEHqlSQwAe2omw= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1 h1:hd0SKLMdOL/Sl6Z0np1PX9LeH2gqNtBe0MhTedA8MGI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1/go.mod h1:XO/VcyoQ8nKyKfFW/3DMsRQXsfh/052tHTWmg3xBXRg= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.1 h1:pAOJj+80tC8sPVgSDHzMYD6KLWsaLQ1kZw31PTeORbs= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.1/go.mod h1:G8SbvL0rFk4WOJroU8tKBczhsbhj2p/YY7qeJezJ3CI= github.com/aws/aws-sdk-go-v2/service/swf v1.16.1 h1:eF7+HQ5NXB3k1Z2TVU+h5iYoG76MWRY0P1QrEm5rr8s= github.com/aws/aws-sdk-go-v2/service/swf v1.16.1/go.mod h1:ZkkCXqrN+x/n2+0dy3Lrb4auvWgNMooAteCaGGXVrqI= github.com/aws/aws-sdk-go-v2/service/timestreamwrite v1.18.1 h1:aIwqBGBMvADoSK0l1hWlSnutH2DVi3raI0TLylaOvBM= @@ -207,10 +202,10 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/aws-cloudformation-resource-schema-sdk-go v0.21.0 h1:IUypt/TbXiJBkBbE3926CgnjD8IltAitdn7Yive61DY= github.com/hashicorp/aws-cloudformation-resource-schema-sdk-go v0.21.0/go.mod h1:cdTE6F2pCKQobug+RqRaQp7Kz9hIEqiSvpPmb6E5G1w= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.32 h1:ZkBqGzdgFExZhP/dFNPm1wgz8kw/fQwYLNjxZMzHz7w= -github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.32/go.mod h1:YsIAxyM3YRbiAggDy640u+LcY9YghjHqUIfjrKLqC1s= -github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.33 h1:KI3ePeqkiOWUY/4ACHJZ9MmajsBP0nIMAm2nekn/uoA= -github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.33/go.mod h1:rX3WQy0aIZ7XdyvIhlwZZrjsd/mVm3KMBICTrInw0b0= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.33 h1:8ogYFA7VJSKIOvyODL2mJphWLYc87ZdoKR9Zg3UEAVM= +github.com/hashicorp/aws-sdk-go-base/v2 v2.0.0-beta.33/go.mod h1:D8McAXJE4Ki5B4MYCicebCGfH8f5s3hNJc8ubR8x//4= +github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.34 h1:t2/JBep3k7Maetnw6N5e9PKWVKPHpWEJHYz5avmeKl0= +github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2 v2.0.0-beta.34/go.mod h1:yfSdY7j8d/ifBnvktBI58gZH+tg6fQLqKAtZtGYMVBo= github.com/hashicorp/awspolicyequivalence v1.6.0 h1:7aadmkalbc5ewStC6g3rljx1iNvP4QyAhg2KsHx8bU8= github.com/hashicorp/awspolicyequivalence v1.6.0/go.mod h1:9IOaIHx+a7C0NfUNk1A93M7kHd5rJ19aoUx37LZGC14= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= diff --git a/internal/conns/config.go b/internal/conns/config.go index 7b137df8786..5fb9cb6f597 100644 --- a/internal/conns/config.go +++ b/internal/conns/config.go @@ -12,8 +12,10 @@ import ( endpoints_sdkv1 "github.com/aws/aws-sdk-go/aws/endpoints" awsbase "github.com/hashicorp/aws-sdk-go-base/v2" awsbasev1 "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2" + basediag "github.com/hashicorp/aws-sdk-go-base/v2/diag" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/names" ) @@ -54,6 +56,8 @@ type Config struct { // ConfigureProvider configures the provided provider Meta (instance data). func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWSClient, diag.Diagnostics) { + var diags diag.Diagnostics + awsbaseConfig := awsbase.Config{ AccessKey: c.AccessKey, APNInfo: StdUserAgentProducts(c.TerraformVersion), @@ -105,14 +109,23 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS } tflog.Debug(ctx, "Configuring Terraform AWS Provider") - ctx, cfg, err := awsbase.GetAwsConfig(ctx, &awsbaseConfig) - if err != nil { - return nil, diag.Errorf("configuring Terraform AWS Provider: %s", err) + ctx, cfg, awsDiags := awsbase.GetAwsConfig(ctx, &awsbaseConfig) + + for _, d := range awsDiags { + diags = append(diags, diag.Diagnostic{ + Severity: baseSeverityToSdkSeverity(d.Severity()), + Summary: d.Summary(), + Detail: d.Detail(), + }) + } + + if diags.HasError() { + return nil, diags } if !c.SkipRegionValidation { if err := awsbase.ValidateRegion(cfg.Region); err != nil { - return nil, diag.FromErr(err) + return nil, sdkdiag.AppendFromErr(diags, err) } } c.Region = cfg.Region @@ -120,13 +133,13 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS tflog.Debug(ctx, "Creating AWS SDK v1 session") sess, err := awsbasev1.GetSession(ctx, &cfg, &awsbaseConfig) if err != nil { - return nil, diag.Errorf("creating AWS SDK v1 session: %s", err) + return nil, sdkdiag.AppendErrorf(diags, "creating AWS SDK v1 session: %s", err) } tflog.Debug(ctx, "Retrieving AWS account details") accountID, partition, err := awsbase.GetAwsAccountIDAndPartition(ctx, cfg, &awsbaseConfig) if err != nil { - return nil, diag.Errorf("retrieving AWS account details: %s", err) + return nil, sdkdiag.AppendErrorf(diags, "retrieving AWS account details: %s", err) } if accountID == "" { @@ -137,7 +150,7 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS if len(c.ForbiddenAccountIds) > 0 { for _, forbiddenAccountID := range c.ForbiddenAccountIds { if accountID == forbiddenAccountID { - return nil, diag.Errorf("AWS account ID not allowed: %s", accountID) + return nil, sdkdiag.AppendErrorf(diags, "AWS account ID not allowed: %s", accountID) } } } @@ -150,7 +163,7 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS } } if !found { - return nil, diag.Errorf("AWS account ID not allowed: %s", accountID) + return nil, sdkdiag.AppendErrorf(diags, "AWS account ID not allowed: %s", accountID) } } @@ -178,5 +191,16 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS client.s3UsePathStyle = c.S3UsePathStyle client.stsRegion = c.STSRegion - return client, nil + return client, diags +} + +func baseSeverityToSdkSeverity(s basediag.Severity) diag.Severity { + switch s { + case basediag.SeverityWarning: + return diag.Warning + case basediag.SeverityError: + return diag.Error + default: + return -1 + } } From 750774ae52cfe971207fc35f7a9a9b6f4243cc0a Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 23 Mar 2023 17:30:22 -0700 Subject: [PATCH 2/5] Adds Semgrep checks for `diag.FromErr` and `diag.Errorf` --- .ci/semgrep/pluginsdk/diags.yml | 25 +++++++++++++++++++++++++ internal/errs/sdkdiag/append.go | 2 +- internal/provider/provider.go | 10 +++++++--- 3 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 .ci/semgrep/pluginsdk/diags.yml diff --git a/.ci/semgrep/pluginsdk/diags.yml b/.ci/semgrep/pluginsdk/diags.yml new file mode 100644 index 00000000000..15defea8861 --- /dev/null +++ b/.ci/semgrep/pluginsdk/diags.yml @@ -0,0 +1,25 @@ +rules: + - id: avoid-diag_FromErr + fix: sdkdiag.AppendFromErr(diags, $ERR) + languages: [go] + message: Prefer `sdkdiag.AppendFromErr` to `diag.FromErr` + paths: + include: + - internal/conns + - internal/provider + patterns: + - pattern: diag.FromErr($ERR) + severity: WARNING + + - id: avoid-diag_Errorf + fix-regex: + regex: diag\.Errorf\((.*)\) + replacement: sdkdiag.AppendErrorf(diags, \1) + languages: [go] + message: Prefer `sdkdiag.AppendErrorf` to `diag.Errorf` + paths: + exclude: + - internal/service + patterns: + - pattern: diag.Errorf(...) + severity: WARNING diff --git a/internal/errs/sdkdiag/append.go b/internal/errs/sdkdiag/append.go index fc14d8d8af1..b47a1940b1b 100644 --- a/internal/errs/sdkdiag/append.go +++ b/internal/errs/sdkdiag/append.go @@ -18,7 +18,7 @@ func AppendWarningf(diags diag.Diagnostics, format string, a ...any) diag.Diagno } func AppendErrorf(diags diag.Diagnostics, format string, a ...any) diag.Diagnostics { - return append(diags, diag.Errorf(format, a...)...) + return append(diags, diag.Errorf(format, a...)...) // nosemgrep:ci.semgrep.pluginsdk.avoid-diag_Errorf } func AppendFromErr(diags diag.Diagnostics, err error) diag.Diagnostics { diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 81c0b633bda..88c6ea9538d 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -20,6 +20,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/flex" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/internal/types/nullable" @@ -437,6 +438,8 @@ func New(ctx context.Context) (*schema.Provider, error) { // configure ensures that the provider is fully configured. func configure(ctx context.Context, provider *schema.Provider, d *schema.ResourceData) (*conns.AWSClient, diag.Diagnostics) { + var diags diag.Diagnostics + terraformVersion := provider.TerraformVersion if terraformVersion == "" { // Terraform 0.12 introduced this field to the protocol @@ -470,7 +473,7 @@ func configure(ctx context.Context, provider *schema.Provider, d *schema.Resourc if v, ok := d.Get("retry_mode").(string); ok && v != "" { mode, err := aws.ParseRetryMode(v) if err != nil { - return nil, diag.FromErr(err) + return nil, sdkdiag.AppendFromErr(diags, err) } config.RetryMode = mode } @@ -505,7 +508,7 @@ func configure(ctx context.Context, provider *schema.Provider, d *schema.Resourc endpoints, err := expandEndpoints(ctx, v.(*schema.Set).List()) if err != nil { - return nil, diag.FromErr(err) + return nil, sdkdiag.AppendFromErr(diags, err) } config.Endpoints = endpoints @@ -545,7 +548,8 @@ func configure(ctx context.Context, provider *schema.Provider, d *schema.Resourc } else { meta = new(conns.AWSClient) } - meta, diags := config.ConfigureProvider(ctx, meta) + meta, ds := config.ConfigureProvider(ctx, meta) + diags = append(diags, ds...) if diags.HasError() { return nil, diags From 85bcb082e412e10dc7ad318284506b306c402529 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Fri, 24 Mar 2023 10:56:39 -0700 Subject: [PATCH 3/5] Handles `Diagnostics` from `awsv1shim.GetSession` --- internal/conns/config.go | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/internal/conns/config.go b/internal/conns/config.go index 5fb9cb6f597..f0c1ec493e0 100644 --- a/internal/conns/config.go +++ b/internal/conns/config.go @@ -5,6 +5,7 @@ package conns import ( "context" + "fmt" "log" aws_sdkv2 "github.com/aws/aws-sdk-go-v2/aws" @@ -131,9 +132,18 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS c.Region = cfg.Region tflog.Debug(ctx, "Creating AWS SDK v1 session") - sess, err := awsbasev1.GetSession(ctx, &cfg, &awsbaseConfig) - if err != nil { - return nil, sdkdiag.AppendErrorf(diags, "creating AWS SDK v1 session: %s", err) + sess, awsDiags := awsbasev1.GetSession(ctx, &cfg, &awsbaseConfig) + + for _, d := range awsDiags { + diags = append(diags, diag.Diagnostic{ + Severity: baseSeverityToSdkSeverity(d.Severity()), + Summary: fmt.Sprintf("creating AWS SDK v1 session: %s", d.Summary()), + Detail: d.Detail(), + }) + } + + if diags.HasError() { + return nil, diags } tflog.Debug(ctx, "Retrieving AWS account details") From f4e01592ac1391817d5896f2065b2fd22d1b66d6 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Mon, 17 Jul 2023 18:03:07 -0700 Subject: [PATCH 4/5] Updates `aws-sdk-go-base` --- internal/conns/config.go | 17 +++++++++++------ .../service/configservice/configservice_test.go | 4 ++-- .../configservice/conformance_pack_test.go | 3 ++- .../organization_conformance_pack_test.go | 4 ++-- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/internal/conns/config.go b/internal/conns/config.go index f0c1ec493e0..72c9cabde0e 100644 --- a/internal/conns/config.go +++ b/internal/conns/config.go @@ -6,7 +6,6 @@ package conns import ( "context" "fmt" - "log" aws_sdkv2 "github.com/aws/aws-sdk-go-v2/aws" imds_sdkv2 "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" @@ -16,6 +15,7 @@ import ( basediag "github.com/hashicorp/aws-sdk-go-base/v2/diag" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/names" @@ -147,14 +147,19 @@ func (c *Config) ConfigureProvider(ctx context.Context, client *AWSClient) (*AWS } tflog.Debug(ctx, "Retrieving AWS account details") - accountID, partition, err := awsbase.GetAwsAccountIDAndPartition(ctx, cfg, &awsbaseConfig) - if err != nil { - return nil, sdkdiag.AppendErrorf(diags, "retrieving AWS account details: %s", err) + accountID, partition, awsDiags := awsbase.GetAwsAccountIDAndPartition(ctx, cfg, &awsbaseConfig) + for _, d := range awsDiags { + diags = append(diags, diag.Diagnostic{ + Severity: baseSeverityToSdkSeverity(d.Severity()), + Summary: fmt.Sprintf("retrieving AWS account details: %s", d.Summary()), + Detail: d.Detail(), + }) } if accountID == "" { - // TODO: Make this a Warning Diagnostic - log.Println("[WARN] AWS account ID not found for provider. See https://www.terraform.io/docs/providers/aws/index.html#skip_requesting_account_id for implications.") + diags = append(diags, errs.NewWarningDiagnostic( + "AWS account ID not found for provider", + "See https://www.terraform.io/docs/providers/aws/index.html#skip_requesting_account_id for implications.")) } if len(c.ForbiddenAccountIds) > 0 { diff --git a/internal/service/configservice/configservice_test.go b/internal/service/configservice/configservice_test.go index bb7fedb380b..953d3092743 100644 --- a/internal/service/configservice/configservice_test.go +++ b/internal/service/configservice/configservice_test.go @@ -38,7 +38,7 @@ func TestAccConfigService_serial(t *testing.T) { "ConformancePack": { "basic": testAccConformancePack_basic, "disappears": testAccConformancePack_disappears, - "forceNew": testAccConformancePack_forceNew, + "updateName": testAccConformancePack_updateName, "inputParameters": testAccConformancePack_inputParameters, "S3Delivery": testAccConformancePack_S3Delivery, "S3Template": testAccConformancePack_S3Template, @@ -57,7 +57,7 @@ func TestAccConfigService_serial(t *testing.T) { "basic": testAccOrganizationConformancePack_basic, "disappears": testAccOrganizationConformancePack_disappears, "excludedAccounts": testAccOrganizationConformancePack_excludedAccounts, - "forceNew": testAccOrganizationConformancePack_forceNew, + "updateName": testAccOrganizationConformancePack_updateName, "inputParameters": testAccOrganizationConformancePack_inputParameters, "S3Delivery": testAccOrganizationConformancePack_S3Delivery, "S3Template": testAccOrganizationConformancePack_S3Template, diff --git a/internal/service/configservice/conformance_pack_test.go b/internal/service/configservice/conformance_pack_test.go index 2f71cd37422..c292248c951 100644 --- a/internal/service/configservice/conformance_pack_test.go +++ b/internal/service/configservice/conformance_pack_test.go @@ -55,7 +55,7 @@ func testAccConformancePack_basic(t *testing.T) { }) } -func testAccConformancePack_forceNew(t *testing.T) { +func testAccConformancePack_updateName(t *testing.T) { ctx := acctest.Context(t) var before, after configservice.ConformancePackDetail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) @@ -72,6 +72,7 @@ func testAccConformancePack_forceNew(t *testing.T) { Config: testAccConformancePackConfig_basic(rName), Check: resource.ComposeTestCheckFunc( testAccCheckConformancePackExists(ctx, resourceName, &before), + resource.TestCheckResourceAttr(resourceName, "name", rName), ), }, { diff --git a/internal/service/configservice/organization_conformance_pack_test.go b/internal/service/configservice/organization_conformance_pack_test.go index a805cb2188d..cfc04f96c28 100644 --- a/internal/service/configservice/organization_conformance_pack_test.go +++ b/internal/service/configservice/organization_conformance_pack_test.go @@ -127,7 +127,7 @@ func testAccOrganizationConformancePack_excludedAccounts(t *testing.T) { }) } -func testAccOrganizationConformancePack_forceNew(t *testing.T) { +func testAccOrganizationConformancePack_updateName(t *testing.T) { ctx := acctest.Context(t) var before, after configservice.OrganizationConformancePack rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) @@ -144,6 +144,7 @@ func testAccOrganizationConformancePack_forceNew(t *testing.T) { Config: testAccOrganizationConformancePackConfig_basic(rName), Check: resource.ComposeTestCheckFunc( testAccCheckOrganizationConformancePackExists(ctx, resourceName, &before), + resource.TestCheckResourceAttr(resourceName, "name", rName), ), }, { @@ -650,7 +651,6 @@ resource "aws_s3_bucket" "test" { bucket = %q force_destroy = true } - `, rName, bName)) } From f80f4c1ca368b3c0b3f64d57064ca02afc11f3e8 Mon Sep 17 00:00:00 2001 From: Graham Davison Date: Thu, 20 Jul 2023 12:56:37 -0700 Subject: [PATCH 5/5] Updates semgrep rules --- .ci/semgrep/pluginsdk/diags.yml | 5 ++--- internal/acctest/vcr.go | 13 ++++++++----- internal/errs/sdkdiag/append.go | 2 +- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.ci/semgrep/pluginsdk/diags.yml b/.ci/semgrep/pluginsdk/diags.yml index 15defea8861..ee9e92faaf2 100644 --- a/.ci/semgrep/pluginsdk/diags.yml +++ b/.ci/semgrep/pluginsdk/diags.yml @@ -4,9 +4,8 @@ rules: languages: [go] message: Prefer `sdkdiag.AppendFromErr` to `diag.FromErr` paths: - include: - - internal/conns - - internal/provider + exclude: + - internal/service patterns: - pattern: diag.FromErr($ERR) severity: WARNING diff --git a/internal/acctest/vcr.go b/internal/acctest/vcr.go index fa0a2ff1050..952462e6b5b 100644 --- a/internal/acctest/vcr.go +++ b/internal/acctest/vcr.go @@ -31,6 +31,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/errs" + "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/provider" "gopkg.in/dnaeon/go-vcr.v3/cassette" "gopkg.in/dnaeon/go-vcr.v3/recorder" @@ -133,6 +134,8 @@ func vcrEnabledProtoV5ProviderFactories(t *testing.T, input map[string]func() (t // VCR requires a single HTTP client to handle all interactions. func vcrProviderConfigureContextFunc(provider *schema.Provider, configureContextFunc schema.ConfigureContextFunc, testName string) schema.ConfigureContextFunc { return func(ctx context.Context, d *schema.ResourceData) (interface{}, diag.Diagnostics) { + var diags diag.Diagnostics + providerMetas.Lock() meta, ok := providerMetas[testName] defer providerMetas.Unlock() @@ -144,7 +147,7 @@ func vcrProviderConfigureContextFunc(provider *schema.Provider, configureContext vcrMode, err := vcrMode() if err != nil { - return nil, diag.FromErr(err) + return nil, sdkdiag.AppendFromErr(diags, err) } // Cribbed from aws-sdk-go-base. @@ -168,7 +171,7 @@ func vcrProviderConfigureContextFunc(provider *schema.Provider, configureContext }) if err != nil { - return nil, diag.FromErr(err) + return nil, sdkdiag.AppendFromErr(diags, err) } // Remove sensitive HTTP headers. @@ -263,8 +266,8 @@ func vcrProviderConfigureContextFunc(provider *schema.Provider, configureContext meta.SetHTTPClient(httpClient) provider.SetMeta(meta) - if v, diags := configureContextFunc(ctx, d); diags.HasError() { - return nil, diags + if v, ds := configureContextFunc(ctx, d); ds.HasError() { + return nil, append(diags, ds...) } else { meta = v.(*conns.AWSClient) } @@ -282,7 +285,7 @@ func vcrProviderConfigureContextFunc(provider *schema.Provider, configureContext providerMetas[testName] = meta - return meta, nil + return meta, diags } } diff --git a/internal/errs/sdkdiag/append.go b/internal/errs/sdkdiag/append.go index b47a1940b1b..56aabc3095b 100644 --- a/internal/errs/sdkdiag/append.go +++ b/internal/errs/sdkdiag/append.go @@ -25,7 +25,7 @@ func AppendFromErr(diags diag.Diagnostics, err error) diag.Diagnostics { if err == nil { return diags } - return append(diags, diag.FromErr(err)...) + return append(diags, diag.FromErr(err)...) // nosemgrep:ci.semgrep.pluginsdk.avoid-diag_FromErr } func WrapDiagsf(orig diag.Diagnostics, format string, a ...any) diag.Diagnostics {