Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

linters: semgrep rule to replace AWSR002 #19039

Merged
merged 3 commits into from
Apr 29, 2021
Merged

linters: semgrep rule to replace AWSR002 #19039

merged 3 commits into from
Apr 29, 2021

Conversation

anGie44
Copy link
Contributor

@anGie44 anGie44 commented Apr 21, 2021
edited
Loading

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Relates #18721
Preceded by #7926

Output from semgrep testing:

$ semgrep
ran 21 rules on 2451 files: 0 findings

@anGie44 anGie44 added the linter Pertains to changes to or issues with the various linters. label Apr 21, 2021
@anGie44 anGie44 requested a review from a team as a code owner April 21, 2021 04:06
@ghost ghost added size/S Managed by automation to categorize the size of a PR. provider Pertains to the provider itself, rather than any interaction with AWS. labels Apr 21, 2021
@anGie44 anGie44 force-pushed the linter-alternative-for-AWSR002 branch from 1c8567e to 04a2554 Compare April 21, 2021 04:09
@ewbankkit
Copy link
Contributor

Running on "current" (4b72ef5) main:

% semgrep --config .semgrep.yml                     
running 20 rules...
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████|20/20
aws/resource_aws_elastic_beanstalk_application.go
severity:warning rule:helper-schema-ResourceData-Set-tags: (schema.ResourceData).Set() call with the tags key should include IgnoreConfig in the value
266:	tags = tags.IgnoreElasticbeanstalk().IgnoreConfig(ignoreTagsConfig)
267:
268:	//lintignore:AWSR002
269:	if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil {
270:		return fmt.Errorf("error setting tags: %w", err)
271:	}

aws/resource_aws_elastic_beanstalk_application_version.go
severity:warning rule:helper-schema-ResourceData-Set-tags: (schema.ResourceData).Set() call with the tags key should include IgnoreConfig in the value
134:	tags = tags.IgnoreElasticbeanstalk().IgnoreConfig(ignoreTagsConfig)
135:
136:	//lintignore:AWSR002
137:	if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil {
138:		return fmt.Errorf("error setting tags: %w", err)
139:	}

aws/resource_aws_elastic_beanstalk_environment.go
severity:warning rule:helper-schema-ResourceData-Set-tags: (schema.ResourceData).Set() call with the tags key should include IgnoreConfig in the value
627:	tags = tags.IgnoreElasticbeanstalk().IgnoreConfig(ignoreTagsConfig)
628:
629:	//lintignore:AWSR002
630:	if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil {
631:		return fmt.Errorf("error setting tags: %w", err)
632:	}

aws/resource_aws_waf_rate_based_rule.go
severity:warning rule:helper-schema-ResourceData-Set-tags: (schema.ResourceData).Set() call with the tags key should include IgnoreConfig in the value
164:	tags := tagList.IgnoreAws().IgnoreConfig(ignoreTagsConfig)
165:
166:	//lintignore:AWSR002
167:	if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil {
168:		return fmt.Errorf("error setting tags: %w", err)
169:	}

aws/resource_aws_wafregional_rate_based_rule.go
severity:warning rule:helper-schema-ResourceData-Set-tags: (schema.ResourceData).Set() call with the tags key should include IgnoreConfig in the value
164:	tags := tagList.IgnoreAws().IgnoreConfig(ignoreTagsConfig)
165:
166:	//lintignore:AWSR002
167:	if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil {
168:		return fmt.Errorf("error setting tags: %w", err)
169:	}
ran 20 rules on 2451 files: 5 findings

@anGie44
Copy link
Contributor Author

anGie44 commented Apr 23, 2021
edited
Loading

Running on "current" (4b72ef5) main:

Ohh interesting! I'll add a pattern for the IgnoreElasticBeanstalk and generalize the tags.IgnoreAws() so tagsList gets included. I'm not too sure if the entire rule though is optimal 😅 a lot of pattern-not conditions, I wonder if there's a better way to group them 🤔 ?

I noticed the rule wasn't catching changes in a data-source b/c of the original pattern the rule is looking for, so i've added separate rule for just data-sources

@anGie44 anGie44 force-pushed the linter-alternative-for-AWSR002 branch 3 times, most recently from aa75d5d to f18347c Compare April 23, 2021 22:18
anGie44
anGie44 commented Apr 23, 2021
View reviewed changes
.semgrep.yml Outdated Show resolved Hide resolved
@anGie44 anGie44 force-pushed the linter-alternative-for-AWSR002 branch 2 times, most recently from c914826 to 7dbc687 Compare April 26, 2021 13:21
@YakDriver YakDriver self-assigned this Apr 29, 2021
YakDriver
YakDriver approved these changes Apr 29, 2021
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Excellent! 🎉

% semgrep
running 22 rules...
100%|█████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████|22/22
ran 22 rules on 2459 files: 0 findings

@YakDriver YakDriver force-pushed the linter-alternative-for-AWSR002 branch from 7dbc687 to 17ce7c6 Compare April 29, 2021 16:52
@YakDriver YakDriver merged commit 1cb7a24 into main Apr 29, 2021
@YakDriver YakDriver deleted the linter-alternative-for-AWSR002 branch April 29, 2021 17:16
@YakDriver YakDriver added this to the v3.38.0 milestone Apr 29, 2021
@ghost
Copy link

ghost commented Apr 30, 2021

This has been released in version 3.38.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@github-actions
Copy link

github-actions bot commented Jun 1, 2021

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@YakDriver YakDriver YakDriver approved these changes

Assignees

@YakDriver YakDriver

Labels
linter Pertains to changes to or issues with the various linters. provider Pertains to the provider itself, rather than any interaction with AWS. size/S Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v3.38.0
Development

Successfully merging this pull request may close these issues.
3 participants
@anGie44 @ewbankkit @YakDriver