Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

linting: Restores Semgrep checks #21440

Merged
merged 2 commits into from
Nov 9, 2021
Merged

linting: Restores Semgrep checks #21440

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
832489d
Restores `_disappears` acceptance test naming Semgrep rule
gdavison Oct 20, 2021
65b8bb7
Restores Semgrep rule to prevent multiple AWS SDK service imports
gdavison Oct 20, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 10 additions & 22 deletions .semgrep.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ rules:
message: Prefer naming acceptance tests with _disappears_Parent suffix
paths:
include:
- 'aws/*_test.go'
- "internal/**/*_test.go"
patterns:
- pattern: func $FUNCNAME(t *testing.T) { ... }
- metavariable-regex:
Expand All @@ -17,28 +17,12 @@ rules:
message: Resources should not implement multiple AWS service functionality
paths:
exclude:
- aws/config.go
- aws/structure.go
- aws/validators.go
- aws/*wafregional*.go
- aws/resource_aws_serverlessapplicationrepository_cloudformation_stack.go
- aws/resource_aws_transfer_server.go
- aws/*_test.go
- aws/internal/keyvaluetags/
- aws/internal/namevaluesfilters/
- aws/internal/service/wafregional/
# Legacy resource handling
- aws/resource_aws_autoscaling_group.go
- aws/resource_aws_efs_mount_target.go
- aws/resource_aws_elastic_beanstalk_environment.go
- aws/resource_aws_elb.go
- aws/resource_aws_iam_server_certificate.go
- aws/resource_aws_lambda_event_source_mapping.go
- aws/resource_aws_launch_configuration.go
- aws/resource_aws_lb.go
- aws/resource_aws_s3_bucket_object.go
- "internal/service/**/*_test.go"
- "internal/service/**/sweep.go"
- "internal/acctest/acctest.go"
- "internal/conns/conns.go"
include:
- aws/
- internal/
patterns:
- pattern: |
import ("$X")
Expand All @@ -49,6 +33,10 @@ rules:
- metavariable-regex:
metavariable: '$Y'
regex: '^"github.com/aws/aws-sdk-go/service/[^/]+"$'
# wafregional uses a number of resources from waf
- pattern-not: |
import ("github.com/aws/aws-sdk-go/service/waf")
import ("github.com/aws/aws-sdk-go/service/wafregional")
severity: WARNING

- id: prefer-aws-go-sdk-pointer-conversion-assignment
Expand Down
2 changes: 1 addition & 1 deletion internal/generate/namevaluesfilters/generators/servicefilters/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ var templateBody = `

package namevaluesfilters

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"github.com/aws/aws-sdk-go/aws"
{{- range .SliceServiceNames }}
{{- if eq . (. | FilterPackage) }}
Expand Down
2 changes: 1 addition & 1 deletion internal/generate/namevaluesfilters/service_filters_gen.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion internal/service/autoscaling/group.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package autoscaling

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"bytes"
"context"
"fmt"
Expand Down
2 changes: 1 addition & 1 deletion internal/service/autoscaling/launch_configuration.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package autoscaling

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"bytes"
"crypto/sha1"
"encoding/base64"
Expand Down
4 changes: 2 additions & 2 deletions internal/service/backup/vault_notifications_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import (
tfbackup "github.com/hashicorp/terraform-provider-aws/internal/service/backup"
)

func TestAccBackupVaultNotifications_Notification_basic(t *testing.T) {
func TestAccBackupVaultNotification_basic(t *testing.T) {
var vault backup.GetBackupVaultNotificationsOutput

rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand All @@ -41,7 +41,7 @@ func TestAccBackupVaultNotifications_Notification_basic(t *testing.T) {
})
}

func TestAccBackupVaultNotifications_Notification_disappears(t *testing.T) {
func TestAccBackupVaultNotification_disappears(t *testing.T) {
var vault backup.GetBackupVaultNotificationsOutput

rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down
10 changes: 5 additions & 5 deletions internal/service/cognitoidp/user_pool_ui_customization_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import (
tfcognitoidp "github.com/hashicorp/terraform-provider-aws/internal/service/cognitoidp"
)

func TestAccCognitoIDPUserPoolUICustomization_AllClients_cSS(t *testing.T) {
func TestAccCognitoIDPUserPoolUICustomization_AllClients_CSS(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cognito_user_pool_ui_customization.test"
userPoolResourceName := "aws_cognito_user_pool.test"
Expand Down Expand Up @@ -67,7 +67,7 @@ func TestAccCognitoIDPUserPoolUICustomization_AllClients_cSS(t *testing.T) {
})
}

func TestAccCognitoIDPUserPoolUICustomization_AllClients_disappears(t *testing.T) {
func TestAccCognitoIDPUserPoolUICustomization_AllClients_disappears(t *testing.T) { // nosemgrep: acceptance-test-naming-parent-disappears
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cognito_user_pool_ui_customization.test"

Expand Down Expand Up @@ -143,7 +143,7 @@ func TestAccCognitoIDPUserPoolUICustomization_AllClients_imageFile(t *testing.T)
})
}

func TestAccCognitoIDPUserPoolUICustomization_AllClients_cSSAndImageFile(t *testing.T) {
func TestAccCognitoIDPUserPoolUICustomization_AllClients_CSSAndImageFile(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cognito_user_pool_ui_customization.test"
userPoolResourceName := "aws_cognito_user_pool.test"
Expand Down Expand Up @@ -210,7 +210,7 @@ func TestAccCognitoIDPUserPoolUICustomization_AllClients_cSSAndImageFile(t *test
})
}

func TestAccCognitoIDPUserPoolUICustomization_Client_cSS(t *testing.T) {
func TestAccCognitoIDPUserPoolUICustomization_Client_CSS(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cognito_user_pool_ui_customization.test"
clientResourceName := "aws_cognito_user_pool_client.test"
Expand Down Expand Up @@ -263,7 +263,7 @@ func TestAccCognitoIDPUserPoolUICustomization_Client_cSS(t *testing.T) {
})
}

func TestAccCognitoIDPUserPoolUICustomization_Client_disappears(t *testing.T) {
func TestAccCognitoIDPUserPoolUICustomization_Client_disappears(t *testing.T) { // nosemgrep: acceptance-test-naming-parent-disappears
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cognito_user_pool_ui_customization.test"

Expand Down
8 changes: 4 additions & 4 deletions internal/service/ec2/network_interface_sg_attachment_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import (
"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
)

func TestAccEC2NetworkInterfaceSgAttachment_SG_basic(t *testing.T) {
func TestAccEC2NetworkInterfaceSgAttachment_basic(t *testing.T) {
networkInterfaceResourceName := "aws_network_interface.test"
securityGroupResourceName := "aws_security_group.test"
resourceName := "aws_network_interface_sg_attachment.test"
Expand All @@ -38,7 +38,7 @@ func TestAccEC2NetworkInterfaceSgAttachment_SG_basic(t *testing.T) {
})
}

func TestAccEC2NetworkInterfaceSgAttachment_SG_disappears(t *testing.T) {
func TestAccEC2NetworkInterfaceSgAttachment_disappears(t *testing.T) {
resourceName := "aws_network_interface_sg_attachment.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)

Expand All @@ -60,7 +60,7 @@ func TestAccEC2NetworkInterfaceSgAttachment_SG_disappears(t *testing.T) {
})
}

func TestAccEC2NetworkInterfaceSgAttachment_SG_instance(t *testing.T) {
func TestAccEC2NetworkInterfaceSgAttachment_instance(t *testing.T) {
instanceResourceName := "aws_instance.test"
securityGroupResourceName := "aws_security_group.test"
resourceName := "aws_network_interface_sg_attachment.test"
Expand All @@ -84,7 +84,7 @@ func TestAccEC2NetworkInterfaceSgAttachment_SG_instance(t *testing.T) {
})
}

func TestAccEC2NetworkInterfaceSgAttachment_SG_multiple(t *testing.T) {
func TestAccEC2NetworkInterfaceSgAttachment_multiple(t *testing.T) {
networkInterfaceResourceName := "aws_network_interface.test"
securityGroupResourceName1 := "aws_security_group.test.0"
securityGroupResourceName2 := "aws_security_group.test.1"
Expand Down
20 changes: 10 additions & 10 deletions internal/service/ec2/network_interface_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ import (
"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
)

func TestAccEC2NetworkInterface_ENI_basic(t *testing.T) {
func TestAccEC2NetworkInterface_basic(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
subnetResourceName := "aws_subnet.test"
Expand Down Expand Up @@ -61,7 +61,7 @@ func TestAccEC2NetworkInterface_ENI_basic(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_ipv6(t *testing.T) {
func TestAccEC2NetworkInterface_ipv6(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down Expand Up @@ -105,7 +105,7 @@ func TestAccEC2NetworkInterface_ENI_ipv6(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_tags(t *testing.T) {
func TestAccEC2NetworkInterface_tags(t *testing.T) {
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
var conf ec2.NetworkInterface
Expand Down Expand Up @@ -150,7 +150,7 @@ func TestAccEC2NetworkInterface_ENI_tags(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_ipv6Count(t *testing.T) {
func TestAccEC2NetworkInterface_ipv6Count(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down Expand Up @@ -198,7 +198,7 @@ func TestAccEC2NetworkInterface_ENI_ipv6Count(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_disappears(t *testing.T) {
func TestAccEC2NetworkInterface_disappears(t *testing.T) {
var networkInterface ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand All @@ -221,7 +221,7 @@ func TestAccEC2NetworkInterface_ENI_disappears(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_description(t *testing.T) {
func TestAccEC2NetworkInterface_description(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
subnetResourceName := "aws_subnet.test"
Expand Down Expand Up @@ -289,7 +289,7 @@ func TestAccEC2NetworkInterface_ENI_description(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_attachment(t *testing.T) {
func TestAccEC2NetworkInterface_attachment(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down Expand Up @@ -322,7 +322,7 @@ func TestAccEC2NetworkInterface_ENI_attachment(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_ignoreExternalAttachment(t *testing.T) {
func TestAccEC2NetworkInterface_ignoreExternalAttachment(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand All @@ -349,7 +349,7 @@ func TestAccEC2NetworkInterface_ENI_ignoreExternalAttachment(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_sourceDestCheck(t *testing.T) {
func TestAccEC2NetworkInterface_sourceDestCheck(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down Expand Up @@ -390,7 +390,7 @@ func TestAccEC2NetworkInterface_ENI_sourceDestCheck(t *testing.T) {
})
}

func TestAccEC2NetworkInterface_ENI_privateIPsCount(t *testing.T) {
func TestAccEC2NetworkInterface_privateIPsCount(t *testing.T) {
var conf ec2.NetworkInterface
resourceName := "aws_network_interface.test"
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
Expand Down
18 changes: 6 additions & 12 deletions internal/service/efs/mount_target.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ import (

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/arn"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/efs"
"github.com/hashicorp/aws-sdk-go-base/tfawserr"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
"github.com/hashicorp/terraform-provider-aws/internal/flex"
"github.com/hashicorp/terraform-provider-aws/internal/service/ec2"
)

const (
Expand Down Expand Up @@ -105,7 +105,7 @@ func resourceMountTargetCreate(d *schema.ResourceData, meta interface{}) error {
// to parallel requests if they both include the same AZ
// and we would end up managing the same MT as 2 resources.
// So we make it fail by calling 1 request per AZ at a time.
az, err := getAzFromSubnetId(subnetId, meta.(*conns.AWSClient).EC2Conn)
az, err := getAzFromSubnetId(subnetId, meta)
if err != nil {
return fmt.Errorf("Failed getting Availability Zone from subnet ID (%s): %s", subnetId, err)
}
Expand Down Expand Up @@ -247,20 +247,14 @@ func resourceMountTargetRead(d *schema.ResourceData, meta interface{}) error {
return nil
}

func getAzFromSubnetId(subnetId string, conn *ec2.EC2) (string, error) {
input := ec2.DescribeSubnetsInput{
SubnetIds: []*string{aws.String(subnetId)},
}
out, err := conn.DescribeSubnets(&input)
func getAzFromSubnetId(subnetId string, meta interface{}) (string, error) {
conn := meta.(*conns.AWSClient).EC2Conn
subnet, err := ec2.FindSubnetByID(conn, subnetId)
if err != nil {
return "", err
}

if l := len(out.Subnets); l != 1 {
return "", fmt.Errorf("Expected exactly 1 subnet returned for %q, got: %d", subnetId, l)
}

return aws.StringValue(out.Subnets[0].AvailabilityZone), nil
return aws.StringValue(subnet.AvailabilityZone), nil
}

func resourceMountTargetDelete(d *schema.ResourceData, meta interface{}) error {
Expand Down
2 changes: 1 addition & 1 deletion internal/service/elasticbeanstalk/environment.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package elasticbeanstalk

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"fmt"
"log"
"regexp"
Expand Down
10 changes: 5 additions & 5 deletions internal/service/elasticsearch/domain_saml_options_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import (
tfelasticsearch "github.com/hashicorp/terraform-provider-aws/internal/service/elasticsearch"
)

func TestAccElasticsearchDomainSamlOptions_SAML_basic(t *testing.T) {
func TestAccElasticSearchDomainSamlOptions_basic(t *testing.T) {
var domain elasticsearch.ElasticsearchDomainStatus

rName := sdkacctest.RandomWithPrefix("acc-test")
Expand Down Expand Up @@ -49,7 +49,7 @@ func TestAccElasticsearchDomainSamlOptions_SAML_basic(t *testing.T) {
})
}

func TestAccElasticsearchDomainSamlOptions_SAML_disappears(t *testing.T) {
func TestAccElasticSearchDomainSamlOptions_disappears(t *testing.T) {
rName := sdkacctest.RandomWithPrefix("acc-test")
rUserName := sdkacctest.RandomWithPrefix("es-master-user")
resourceName := "aws_elasticsearch_domain_saml_options.main"
Expand All @@ -72,7 +72,7 @@ func TestAccElasticsearchDomainSamlOptions_SAML_disappears(t *testing.T) {
})
}

func TestAccElasticsearchDomainSamlOptions_SAMLDisappears_domain(t *testing.T) {
func TestAccElasticSearchDomainSamlOptions_disappears_domain(t *testing.T) {
rName := sdkacctest.RandomWithPrefix("acc-test")
rUserName := sdkacctest.RandomWithPrefix("es-master-user")
resourceName := "aws_elasticsearch_domain_saml_options.main"
Expand All @@ -96,7 +96,7 @@ func TestAccElasticsearchDomainSamlOptions_SAMLDisappears_domain(t *testing.T) {
})
}

func TestAccElasticsearchDomainSamlOptions_SAML_update(t *testing.T) {
func TestAccElasticSearchDomainSamlOptions_update(t *testing.T) {
rName := sdkacctest.RandomWithPrefix("acc-test")
rUserName := sdkacctest.RandomWithPrefix("es-master-user")
resourceName := "aws_elasticsearch_domain_saml_options.main"
Expand Down Expand Up @@ -128,7 +128,7 @@ func TestAccElasticsearchDomainSamlOptions_SAML_update(t *testing.T) {
})
}

func TestAccElasticsearchDomainSamlOptions_SAML_disabled(t *testing.T) {
func TestAccElasticSearchDomainSamlOptions_disabled(t *testing.T) {
rName := sdkacctest.RandomWithPrefix("acc-test")
rUserName := sdkacctest.RandomWithPrefix("es-master-user")
resourceName := "aws_elasticsearch_domain_saml_options.main"
Expand Down
2 changes: 1 addition & 1 deletion internal/service/elb/load_balancer.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package elb

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"bytes"
"fmt"
"log"
Expand Down
2 changes: 1 addition & 1 deletion internal/service/elb/load_balancer_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package elb_test

import (
import ( // nosemgrep: aws-sdk-go-multiple-service-imports
"fmt"
"math/rand"
"reflect"
Expand Down
Loading