Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

service/lambda: tech debt: fix V001 linter errors #23149

Merged
merged 2 commits into from
Feb 13, 2022
Merged

service/lambda: tech debt: fix V001 linter errors #23149

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
34a56ff
service/lambda: tech debt: fix V001 linter errors
melamity Feb 12, 2022
1325aa6
fix weird import formatting
melamity Feb 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions internal/service/lambda/permission.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,19 +35,19 @@ func ResourcePermission() *schema.Resource {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validPermissionAction,
ValidateFunc: validPermissionAction(),
},
"event_source_token": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ValidateFunc: validPermissionEventSourceToken,
ValidateFunc: validPermissionEventSourceToken(),
},
"function_name": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validFunctionName,
ValidateFunc: validFunctionName(),
},
"principal": {
Type: schema.TypeString,
Expand All @@ -58,7 +58,7 @@ func ResourcePermission() *schema.Resource {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ValidateFunc: validQualifier,
ValidateFunc: validQualifier(),
},
"source_account": {
Type: schema.TypeString,
Expand All @@ -78,14 +78,14 @@ func ResourcePermission() *schema.Resource {
Computed: true,
ForceNew: true,
ConflictsWith: []string{"statement_id_prefix"},
ValidateFunc: validPolicyStatementID,
ValidateFunc: validPolicyStatementID(),
},
"statement_id_prefix": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ConflictsWith: []string{"statement_id"},
ValidateFunc: validPolicyStatementID,
ValidateFunc: validPolicyStatementID(),
},
},
}
Expand Down
94 changes: 25 additions & 69 deletions internal/service/lambda/validate.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,91 +1,47 @@
package lambda

import (
"fmt"
"regexp"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
)

func validFunctionName(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 140 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 140 characters: %q", k, value))
}
func validFunctionName() schema.SchemaValidateFunc {
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^(arn:[\w-]+:lambda:)?([a-z]{2}-(?:[a-z]+-){1,2}\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}

return
return validation.All(
validation.StringMatch(regexp.MustCompile(pattern), "must be valid function name or function ARN"),
validation.StringLenBetween(1, 140),
)
}

func validPermissionAction(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)

// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
func validPermissionAction() schema.SchemaValidateFunc {
pattern := `^(lambda:[*]|lambda:[a-zA-Z]+|[*])$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}

return
return validation.StringMatch(regexp.MustCompile(pattern), "must be a valid action (usually starts with lambda:)")
}

func validPermissionEventSourceToken(v interface{}, k string) (ws []string, errors []error) {
func validPermissionEventSourceToken() schema.SchemaValidateFunc {
// https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
value := v.(string)

if len(value) > 256 {
errors = append(errors, fmt.Errorf("%q cannot be longer than 256 characters: %q", k, value))
}

pattern := `^[a-zA-Z0-9._\-]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}

return
return validation.All(
validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9._\-]+$`), "must contain alphanumeric, periods, underscores or dashes only"),
validation.StringLenBetween(1, 256),
)
}

func validQualifier(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
if len(value) > 128 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 128 characters: %q", k, value))
}
func validQualifier() schema.SchemaValidateFunc {
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^[a-zA-Z0-9$_-]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't comply with restrictions (%q): %q",
k, pattern, value))
}

return
return validation.All(
validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9$_-]+$`), "must contain alphanumeric, dollar signs, underscores or dashes only"),
validation.StringLenBetween(1, 128),
)
}

func validPolicyStatementID(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)

if len(value) > 100 {
errors = append(errors, fmt.Errorf(
"%q cannot be longer than 100 characters: %q", k, value))
}

func validPolicyStatementID() schema.SchemaValidateFunc {
// http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
pattern := `^[a-zA-Z0-9-_]+$`
if !regexp.MustCompile(pattern).MatchString(value) {
errors = append(errors, fmt.Errorf(
"%q doesn't look like a valid statement ID (%q): %q",
k, pattern, value))
}

return
return validation.All(
validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9_-]+$`), "must contain alphanumeric, underscores or dashes only"),
validation.StringLenBetween(1, 100),
)
}
20 changes: 10 additions & 10 deletions internal/service/lambda/validate_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ func TestValidFunctionName(t *testing.T) {
"function-name",
}
for _, v := range validNames {
_, errors := validFunctionName(v, "name")
_, errors := validFunctionName()(v, "name")
if len(errors) != 0 {
t.Fatalf("%q should be a valid Lambda function name: %q", v, errors)
}
Expand All @@ -29,7 +29,7 @@ func TestValidFunctionName(t *testing.T) {
"ooooooooooooooooongFunctionName",
}
for _, v := range invalidNames {
_, errors := validFunctionName(v, "name")
_, errors := validFunctionName()(v, "name")
if len(errors) == 0 {
t.Fatalf("%q should be an invalid Lambda function name", v)
}
Expand All @@ -43,7 +43,7 @@ func TestValidPermissionAction(t *testing.T) {
"*",
}
for _, v := range validNames {
_, errors := validPermissionAction(v, "action")
_, errors := validPermissionAction()(v, "action")
if len(errors) != 0 {
t.Fatalf("%q should be a valid Lambda permission action: %q", v, errors)
}
Expand All @@ -56,7 +56,7 @@ func TestValidPermissionAction(t *testing.T) {
"lambda:Invoke*",
}
for _, v := range invalidNames {
_, errors := validPermissionAction(v, "action")
_, errors := validPermissionAction()(v, "action")
if len(errors) == 0 {
t.Fatalf("%q should be an invalid Lambda permission action", v)
}
Expand All @@ -70,7 +70,7 @@ func TestValidPermissionEventSourceToken(t *testing.T) {
strings.Repeat(".", 256),
}
for _, v := range validTokens {
_, errors := validPermissionEventSourceToken(v, "event_source_token")
_, errors := validPermissionEventSourceToken()(v, "event_source_token")
if len(errors) != 0 {
t.Fatalf("%q should be a valid Lambda permission event source token", v)
}
Expand All @@ -82,7 +82,7 @@ func TestValidPermissionEventSourceToken(t *testing.T) {
strings.Repeat(".", 257),
}
for _, v := range invalidTokens {
_, errors := validPermissionEventSourceToken(v, "event_source_token")
_, errors := validPermissionEventSourceToken()(v, "event_source_token")
if len(errors) == 0 {
t.Fatalf("%q should be an invalid Lambda permission event source token", v)
}
Expand All @@ -100,7 +100,7 @@ func TestValidQualifier(t *testing.T) {
"$LATEST",
}
for _, v := range validNames {
_, errors := validQualifier(v, "name")
_, errors := validQualifier()(v, "name")
if len(errors) != 0 {
t.Fatalf("%q should be a valid Lambda function qualifier: %q", v, errors)
}
Expand All @@ -115,7 +115,7 @@ func TestValidQualifier(t *testing.T) {
"oooooooooooongQualifier",
}
for _, v := range invalidNames {
_, errors := validQualifier(v, "name")
_, errors := validQualifier()(v, "name")
if len(errors) == 0 {
t.Fatalf("%q should be an invalid Lambda function qualifier", v)
}
Expand All @@ -129,7 +129,7 @@ func TestValidPolicyStatementID(t *testing.T) {
"1234",
}
for _, v := range validNames {
_, errors := validPolicyStatementID(v, "statement_id")
_, errors := validPolicyStatementID()(v, "statement_id")
if len(errors) != 0 {
t.Fatalf("%q should be a valid Statement ID: %q", v, errors)
}
Expand All @@ -143,7 +143,7 @@ func TestValidPolicyStatementID(t *testing.T) {
"ooooooooooooooooooooooooooooooooooooooooStatementId",
}
for _, v := range invalidNames {
_, errors := validPolicyStatementID(v, "statement_id")
_, errors := validPolicyStatementID()(v, "statement_id")
if len(errors) == 0 {
t.Fatalf("%q should be an invalid Statement ID", v)
}
Expand Down