diff --git a/docs/rules/README.md b/docs/rules/README.md index ef25b4e9..40dc67d8 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -644,6 +644,35 @@ These rules enforce best practices and naming conventions: |aws_iam_user_ssh_key_invalid_public_key|✔| |aws_iam_user_ssh_key_invalid_status|✔| |aws_iam_user_ssh_key_invalid_username|✔| +|aws_imagebuilder_component_invalid_change_description|✔| +|aws_imagebuilder_component_invalid_data|✔| +|aws_imagebuilder_component_invalid_description|✔| +|aws_imagebuilder_component_invalid_kms_key_id|✔| +|aws_imagebuilder_component_invalid_name|✔| +|aws_imagebuilder_component_invalid_platform|✔| +|aws_imagebuilder_component_invalid_version|✔| +|aws_imagebuilder_distribution_configuration_invalid_description|✔| +|aws_imagebuilder_distribution_configuration_invalid_name|✔| +|aws_imagebuilder_image_invalid_distribution_configuration_arn|✔| +|aws_imagebuilder_image_invalid_image_recipe_arn|✔| +|aws_imagebuilder_image_invalid_infrastructure_configuration_arn|✔| +|aws_imagebuilder_image_pipeline_invalid_description|✔| +|aws_imagebuilder_image_pipeline_invalid_distribution_configuration_arn|✔| +|aws_imagebuilder_image_pipeline_invalid_image_recipe_arn|✔| +|aws_imagebuilder_image_pipeline_invalid_infrastructure_configuration_arn|✔| +|aws_imagebuilder_image_pipeline_invalid_name|✔| +|aws_imagebuilder_image_pipeline_invalid_status|✔| +|aws_imagebuilder_image_recipe_invalid_description|✔| +|aws_imagebuilder_image_recipe_invalid_name|✔| +|aws_imagebuilder_image_recipe_invalid_parent_image|✔| +|aws_imagebuilder_image_recipe_invalid_version|✔| +|aws_imagebuilder_image_recipe_invalid_working_directory|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_description|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_instance_profile_name|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_key_pair|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_name|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_sns_topic_arn|✔| +|aws_imagebuilder_infrastructure_configuration_invalid_subnet_id|✔| |aws_inspector_assessment_target_invalid_name|✔| |aws_inspector_assessment_target_invalid_resource_group_arn|✔| |aws_inspector_assessment_template_invalid_name|✔| diff --git a/rules/models/aws_imagebuilder_component_invalid_change_description.go b/rules/models/aws_imagebuilder_component_invalid_change_description.go new file mode 100644 index 00000000..db077fce --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_change_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidChangeDescriptionRule checks the pattern is valid +type AwsImagebuilderComponentInvalidChangeDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderComponentInvalidChangeDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidChangeDescriptionRule() *AwsImagebuilderComponentInvalidChangeDescriptionRule { + return &AwsImagebuilderComponentInvalidChangeDescriptionRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "change_description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidChangeDescriptionRule) Name() string { + return "aws_imagebuilder_component_invalid_change_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidChangeDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidChangeDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidChangeDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidChangeDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "change_description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "change_description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_data.go b/rules/models/aws_imagebuilder_component_invalid_data.go new file mode 100644 index 00000000..257894a6 --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_data.go @@ -0,0 +1,87 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidDataRule checks the pattern is valid +type AwsImagebuilderComponentInvalidDataRule struct { + resourceType string + attributeName string + max int + min int + pattern *regexp.Regexp +} + +// NewAwsImagebuilderComponentInvalidDataRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidDataRule() *AwsImagebuilderComponentInvalidDataRule { + return &AwsImagebuilderComponentInvalidDataRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "data", + max: 16000, + min: 1, + pattern: regexp.MustCompile(`^[^\x00]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidDataRule) Name() string { + return "aws_imagebuilder_component_invalid_data" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidDataRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidDataRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidDataRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidDataRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "data must be 16000 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "data must be 1 characters or higher", + attribute.Expr, + ) + } + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[^\x00]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_description.go b/rules/models/aws_imagebuilder_component_invalid_description.go new file mode 100644 index 00000000..244a585a --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidDescriptionRule checks the pattern is valid +type AwsImagebuilderComponentInvalidDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderComponentInvalidDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidDescriptionRule() *AwsImagebuilderComponentInvalidDescriptionRule { + return &AwsImagebuilderComponentInvalidDescriptionRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidDescriptionRule) Name() string { + return "aws_imagebuilder_component_invalid_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_kms_key_id.go b/rules/models/aws_imagebuilder_component_invalid_kms_key_id.go new file mode 100644 index 00000000..18787769 --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_kms_key_id.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidKmsKeyIDRule checks the pattern is valid +type AwsImagebuilderComponentInvalidKmsKeyIDRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderComponentInvalidKmsKeyIDRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidKmsKeyIDRule() *AwsImagebuilderComponentInvalidKmsKeyIDRule { + return &AwsImagebuilderComponentInvalidKmsKeyIDRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "kms_key_id", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidKmsKeyIDRule) Name() string { + return "aws_imagebuilder_component_invalid_kms_key_id" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidKmsKeyIDRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidKmsKeyIDRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidKmsKeyIDRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidKmsKeyIDRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "kms_key_id must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "kms_key_id must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_name.go b/rules/models/aws_imagebuilder_component_invalid_name.go new file mode 100644 index 00000000..ea4e2f38 --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_name.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidNameRule checks the pattern is valid +type AwsImagebuilderComponentInvalidNameRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderComponentInvalidNameRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidNameRule() *AwsImagebuilderComponentInvalidNameRule { + return &AwsImagebuilderComponentInvalidNameRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "name", + pattern: regexp.MustCompile(`^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidNameRule) Name() string { + return "aws_imagebuilder_component_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_platform.go b/rules/models/aws_imagebuilder_component_invalid_platform.go new file mode 100644 index 00000000..7c1f4924 --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_platform.go @@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidPlatformRule checks the pattern is valid +type AwsImagebuilderComponentInvalidPlatformRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsImagebuilderComponentInvalidPlatformRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidPlatformRule() *AwsImagebuilderComponentInvalidPlatformRule { + return &AwsImagebuilderComponentInvalidPlatformRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "platform", + enum: []string{ + "Windows", + "Linux", + }, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidPlatformRule) Name() string { + return "aws_imagebuilder_component_invalid_platform" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidPlatformRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidPlatformRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidPlatformRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidPlatformRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as platform`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_component_invalid_version.go b/rules/models/aws_imagebuilder_component_invalid_version.go new file mode 100644 index 00000000..509ca611 --- /dev/null +++ b/rules/models/aws_imagebuilder_component_invalid_version.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderComponentInvalidVersionRule checks the pattern is valid +type AwsImagebuilderComponentInvalidVersionRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderComponentInvalidVersionRule returns new rule with default attributes +func NewAwsImagebuilderComponentInvalidVersionRule() *AwsImagebuilderComponentInvalidVersionRule { + return &AwsImagebuilderComponentInvalidVersionRule{ + resourceType: "aws_imagebuilder_component", + attributeName: "version", + pattern: regexp.MustCompile(`^[0-9]+\.[0-9]+\.[0-9]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderComponentInvalidVersionRule) Name() string { + return "aws_imagebuilder_component_invalid_version" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderComponentInvalidVersionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderComponentInvalidVersionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderComponentInvalidVersionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderComponentInvalidVersionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9]+\.[0-9]+\.[0-9]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_distribution_configuration_invalid_description.go b/rules/models/aws_imagebuilder_distribution_configuration_invalid_description.go new file mode 100644 index 00000000..5568a578 --- /dev/null +++ b/rules/models/aws_imagebuilder_distribution_configuration_invalid_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderDistributionConfigurationInvalidDescriptionRule checks the pattern is valid +type AwsImagebuilderDistributionConfigurationInvalidDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderDistributionConfigurationInvalidDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderDistributionConfigurationInvalidDescriptionRule() *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule { + return &AwsImagebuilderDistributionConfigurationInvalidDescriptionRule{ + resourceType: "aws_imagebuilder_distribution_configuration", + attributeName: "description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule) Name() string { + return "aws_imagebuilder_distribution_configuration_invalid_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderDistributionConfigurationInvalidDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_distribution_configuration_invalid_name.go b/rules/models/aws_imagebuilder_distribution_configuration_invalid_name.go new file mode 100644 index 00000000..3f212cd9 --- /dev/null +++ b/rules/models/aws_imagebuilder_distribution_configuration_invalid_name.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderDistributionConfigurationInvalidNameRule checks the pattern is valid +type AwsImagebuilderDistributionConfigurationInvalidNameRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderDistributionConfigurationInvalidNameRule returns new rule with default attributes +func NewAwsImagebuilderDistributionConfigurationInvalidNameRule() *AwsImagebuilderDistributionConfigurationInvalidNameRule { + return &AwsImagebuilderDistributionConfigurationInvalidNameRule{ + resourceType: "aws_imagebuilder_distribution_configuration", + attributeName: "name", + pattern: regexp.MustCompile(`^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderDistributionConfigurationInvalidNameRule) Name() string { + return "aws_imagebuilder_distribution_configuration_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderDistributionConfigurationInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderDistributionConfigurationInvalidNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderDistributionConfigurationInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderDistributionConfigurationInvalidNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_invalid_distribution_configuration_arn.go b/rules/models/aws_imagebuilder_image_invalid_distribution_configuration_arn.go new file mode 100644 index 00000000..bdc8b88b --- /dev/null +++ b/rules/models/aws_imagebuilder_image_invalid_distribution_configuration_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageInvalidDistributionConfigurationArnRule checks the pattern is valid +type AwsImagebuilderImageInvalidDistributionConfigurationArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImageInvalidDistributionConfigurationArnRule returns new rule with default attributes +func NewAwsImagebuilderImageInvalidDistributionConfigurationArnRule() *AwsImagebuilderImageInvalidDistributionConfigurationArnRule { + return &AwsImagebuilderImageInvalidDistributionConfigurationArnRule{ + resourceType: "aws_imagebuilder_image", + attributeName: "distribution_configuration_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):distribution-configuration/[a-z0-9-_]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageInvalidDistributionConfigurationArnRule) Name() string { + return "aws_imagebuilder_image_invalid_distribution_configuration_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageInvalidDistributionConfigurationArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageInvalidDistributionConfigurationArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageInvalidDistributionConfigurationArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageInvalidDistributionConfigurationArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):distribution-configuration/[a-z0-9-_]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_invalid_image_recipe_arn.go b/rules/models/aws_imagebuilder_image_invalid_image_recipe_arn.go new file mode 100644 index 00000000..30cb6113 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_invalid_image_recipe_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageInvalidImageRecipeArnRule checks the pattern is valid +type AwsImagebuilderImageInvalidImageRecipeArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImageInvalidImageRecipeArnRule returns new rule with default attributes +func NewAwsImagebuilderImageInvalidImageRecipeArnRule() *AwsImagebuilderImageInvalidImageRecipeArnRule { + return &AwsImagebuilderImageInvalidImageRecipeArnRule{ + resourceType: "aws_imagebuilder_image", + attributeName: "image_recipe_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):image-recipe/[a-z0-9-_]+/[0-9]+\.[0-9]+\.[0-9]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageInvalidImageRecipeArnRule) Name() string { + return "aws_imagebuilder_image_invalid_image_recipe_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageInvalidImageRecipeArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageInvalidImageRecipeArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageInvalidImageRecipeArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageInvalidImageRecipeArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):image-recipe/[a-z0-9-_]+/[0-9]+\.[0-9]+\.[0-9]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_invalid_infrastructure_configuration_arn.go b/rules/models/aws_imagebuilder_image_invalid_infrastructure_configuration_arn.go new file mode 100644 index 00000000..ad3bb542 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_invalid_infrastructure_configuration_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule checks the pattern is valid +type AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImageInvalidInfrastructureConfigurationArnRule returns new rule with default attributes +func NewAwsImagebuilderImageInvalidInfrastructureConfigurationArnRule() *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule { + return &AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule{ + resourceType: "aws_imagebuilder_image", + attributeName: "infrastructure_configuration_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):infrastructure-configuration/[a-z0-9-_]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule) Name() string { + return "aws_imagebuilder_image_invalid_infrastructure_configuration_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageInvalidInfrastructureConfigurationArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):infrastructure-configuration/[a-z0-9-_]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_description.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_description.go new file mode 100644 index 00000000..4f2b4632 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidDescriptionRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderImagePipelineInvalidDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidDescriptionRule() *AwsImagebuilderImagePipelineInvalidDescriptionRule { + return &AwsImagebuilderImagePipelineInvalidDescriptionRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidDescriptionRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_distribution_configuration_arn.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_distribution_configuration_arn.go new file mode 100644 index 00000000..60e3ab89 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_distribution_configuration_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule() *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule { + return &AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "distribution_configuration_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):distribution-configuration/[a-z0-9-_]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_distribution_configuration_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):distribution-configuration/[a-z0-9-_]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_image_recipe_arn.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_image_recipe_arn.go new file mode 100644 index 00000000..b6282bf6 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_image_recipe_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidImageRecipeArnRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidImageRecipeArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImagePipelineInvalidImageRecipeArnRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidImageRecipeArnRule() *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule { + return &AwsImagebuilderImagePipelineInvalidImageRecipeArnRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "image_recipe_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):image-recipe/[a-z0-9-_]+/[0-9]+\.[0-9]+\.[0-9]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_image_recipe_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidImageRecipeArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):image-recipe/[a-z0-9-_]+/[0-9]+\.[0-9]+\.[0-9]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_infrastructure_configuration_arn.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_infrastructure_configuration_arn.go new file mode 100644 index 00000000..1f4c33e7 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_infrastructure_configuration_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule() *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule { + return &AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "infrastructure_configuration_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):infrastructure-configuration/[a-z0-9-_]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_infrastructure_configuration_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:imagebuilder:[^:]+:(?:[0-9]{12}|aws):infrastructure-configuration/[a-z0-9-_]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_name.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_name.go new file mode 100644 index 00000000..55b165d3 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_name.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidNameRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidNameRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImagePipelineInvalidNameRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidNameRule() *AwsImagebuilderImagePipelineInvalidNameRule { + return &AwsImagebuilderImagePipelineInvalidNameRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "name", + pattern: regexp.MustCompile(`^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidNameRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_pipeline_invalid_status.go b/rules/models/aws_imagebuilder_image_pipeline_invalid_status.go new file mode 100644 index 00000000..417459dd --- /dev/null +++ b/rules/models/aws_imagebuilder_image_pipeline_invalid_status.go @@ -0,0 +1,77 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImagePipelineInvalidStatusRule checks the pattern is valid +type AwsImagebuilderImagePipelineInvalidStatusRule struct { + resourceType string + attributeName string + enum []string +} + +// NewAwsImagebuilderImagePipelineInvalidStatusRule returns new rule with default attributes +func NewAwsImagebuilderImagePipelineInvalidStatusRule() *AwsImagebuilderImagePipelineInvalidStatusRule { + return &AwsImagebuilderImagePipelineInvalidStatusRule{ + resourceType: "aws_imagebuilder_image_pipeline", + attributeName: "status", + enum: []string{ + "DISABLED", + "ENABLED", + }, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImagePipelineInvalidStatusRule) Name() string { + return "aws_imagebuilder_image_pipeline_invalid_status" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImagePipelineInvalidStatusRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImagePipelineInvalidStatusRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImagePipelineInvalidStatusRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImagePipelineInvalidStatusRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + found := false + for _, item := range r.enum { + if item == val { + found = true + } + } + if !found { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" is an invalid value as status`, truncateLongMessage(val)), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_recipe_invalid_description.go b/rules/models/aws_imagebuilder_image_recipe_invalid_description.go new file mode 100644 index 00000000..6200bc0d --- /dev/null +++ b/rules/models/aws_imagebuilder_image_recipe_invalid_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageRecipeInvalidDescriptionRule checks the pattern is valid +type AwsImagebuilderImageRecipeInvalidDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderImageRecipeInvalidDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderImageRecipeInvalidDescriptionRule() *AwsImagebuilderImageRecipeInvalidDescriptionRule { + return &AwsImagebuilderImageRecipeInvalidDescriptionRule{ + resourceType: "aws_imagebuilder_image_recipe", + attributeName: "description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageRecipeInvalidDescriptionRule) Name() string { + return "aws_imagebuilder_image_recipe_invalid_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageRecipeInvalidDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageRecipeInvalidDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageRecipeInvalidDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageRecipeInvalidDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_recipe_invalid_name.go b/rules/models/aws_imagebuilder_image_recipe_invalid_name.go new file mode 100644 index 00000000..d2ee974e --- /dev/null +++ b/rules/models/aws_imagebuilder_image_recipe_invalid_name.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageRecipeInvalidNameRule checks the pattern is valid +type AwsImagebuilderImageRecipeInvalidNameRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImageRecipeInvalidNameRule returns new rule with default attributes +func NewAwsImagebuilderImageRecipeInvalidNameRule() *AwsImagebuilderImageRecipeInvalidNameRule { + return &AwsImagebuilderImageRecipeInvalidNameRule{ + resourceType: "aws_imagebuilder_image_recipe", + attributeName: "name", + pattern: regexp.MustCompile(`^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageRecipeInvalidNameRule) Name() string { + return "aws_imagebuilder_image_recipe_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageRecipeInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageRecipeInvalidNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageRecipeInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageRecipeInvalidNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_recipe_invalid_parent_image.go b/rules/models/aws_imagebuilder_image_recipe_invalid_parent_image.go new file mode 100644 index 00000000..a94a611a --- /dev/null +++ b/rules/models/aws_imagebuilder_image_recipe_invalid_parent_image.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageRecipeInvalidParentImageRule checks the pattern is valid +type AwsImagebuilderImageRecipeInvalidParentImageRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderImageRecipeInvalidParentImageRule returns new rule with default attributes +func NewAwsImagebuilderImageRecipeInvalidParentImageRule() *AwsImagebuilderImageRecipeInvalidParentImageRule { + return &AwsImagebuilderImageRecipeInvalidParentImageRule{ + resourceType: "aws_imagebuilder_image_recipe", + attributeName: "parent_image", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageRecipeInvalidParentImageRule) Name() string { + return "aws_imagebuilder_image_recipe_invalid_parent_image" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageRecipeInvalidParentImageRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageRecipeInvalidParentImageRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageRecipeInvalidParentImageRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageRecipeInvalidParentImageRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "parent_image must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "parent_image must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_recipe_invalid_version.go b/rules/models/aws_imagebuilder_image_recipe_invalid_version.go new file mode 100644 index 00000000..6f9d8e86 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_recipe_invalid_version.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageRecipeInvalidVersionRule checks the pattern is valid +type AwsImagebuilderImageRecipeInvalidVersionRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderImageRecipeInvalidVersionRule returns new rule with default attributes +func NewAwsImagebuilderImageRecipeInvalidVersionRule() *AwsImagebuilderImageRecipeInvalidVersionRule { + return &AwsImagebuilderImageRecipeInvalidVersionRule{ + resourceType: "aws_imagebuilder_image_recipe", + attributeName: "version", + pattern: regexp.MustCompile(`^[0-9]+\.[0-9]+\.[0-9]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageRecipeInvalidVersionRule) Name() string { + return "aws_imagebuilder_image_recipe_invalid_version" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageRecipeInvalidVersionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageRecipeInvalidVersionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageRecipeInvalidVersionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageRecipeInvalidVersionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[0-9]+\.[0-9]+\.[0-9]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_image_recipe_invalid_working_directory.go b/rules/models/aws_imagebuilder_image_recipe_invalid_working_directory.go new file mode 100644 index 00000000..f995a357 --- /dev/null +++ b/rules/models/aws_imagebuilder_image_recipe_invalid_working_directory.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule checks the pattern is valid +type AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderImageRecipeInvalidWorkingDirectoryRule returns new rule with default attributes +func NewAwsImagebuilderImageRecipeInvalidWorkingDirectoryRule() *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule { + return &AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule{ + resourceType: "aws_imagebuilder_image_recipe", + attributeName: "working_directory", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule) Name() string { + return "aws_imagebuilder_image_recipe_invalid_working_directory" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderImageRecipeInvalidWorkingDirectoryRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "working_directory must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "working_directory must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_description.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_description.go new file mode 100644 index 00000000..3c130949 --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_description.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule() *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "description", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_description" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "description must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "description must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_instance_profile_name.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_instance_profile_name.go new file mode 100644 index 00000000..87059f4b --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_instance_profile_name.go @@ -0,0 +1,87 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule struct { + resourceType string + attributeName string + max int + min int + pattern *regexp.Regexp +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule() *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "instance_profile_name", + max: 256, + min: 1, + pattern: regexp.MustCompile(`^[\w+=,.@-]+$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_instance_profile_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "instance_profile_name must be 256 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "instance_profile_name must be 1 characters or higher", + attribute.Expr, + ) + } + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[\w+=,.@-]+$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_key_pair.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_key_pair.go new file mode 100644 index 00000000..f4de9fae --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_key_pair.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule() *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "key_pair", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_key_pair" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "key_pair must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "key_pair must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_name.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_name.go new file mode 100644 index 00000000..c5f79c23 --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_name.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidNameRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidNameRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidNameRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidNameRule() *AwsImagebuilderInfrastructureConfigurationInvalidNameRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidNameRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "name", + pattern: regexp.MustCompile(`^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidNameRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidNameRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidNameRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_sns_topic_arn.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_sns_topic_arn.go new file mode 100644 index 00000000..4eda3280 --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_sns_topic_arn.go @@ -0,0 +1,69 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "fmt" + "log" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule() *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "sns_topic_arn", + pattern: regexp.MustCompile(`^arn:aws[^:]*:sns:[^:]+:[0-9]{12}:[a-zA-Z0-9-_]{1,256}$`), + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_sns_topic_arn" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^arn:aws[^:]*:sns:[^:]+:[0-9]{12}:[a-zA-Z0-9-_]{1,256}$`), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_subnet_id.go b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_subnet_id.go new file mode 100644 index 00000000..edcdcf83 --- /dev/null +++ b/rules/models/aws_imagebuilder_infrastructure_configuration_invalid_subnet_id.go @@ -0,0 +1,76 @@ +// This file generated by `generator/`. DO NOT EDIT + +package models + +import ( + "log" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule checks the pattern is valid +type AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule struct { + resourceType string + attributeName string + max int + min int +} + +// NewAwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule returns new rule with default attributes +func NewAwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule() *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule { + return &AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule{ + resourceType: "aws_imagebuilder_infrastructure_configuration", + attributeName: "subnet_id", + max: 1024, + min: 1, + } +} + +// Name returns the rule name +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule) Name() string { + return "aws_imagebuilder_infrastructure_configuration_invalid_subnet_id" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *AwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule) Check(runner tflint.Runner) error { + log.Printf("[TRACE] Check `%s` rule", r.Name()) + + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if len(val) > r.max { + runner.EmitIssueOnExpr( + r, + "subnet_id must be 1024 characters or less", + attribute.Expr, + ) + } + if len(val) < r.min { + runner.EmitIssueOnExpr( + r, + "subnet_id must be 1 characters or higher", + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/models/mappings/imagebuilder.hcl b/rules/models/mappings/imagebuilder.hcl new file mode 100644 index 00000000..d68bb8c7 --- /dev/null +++ b/rules/models/mappings/imagebuilder.hcl @@ -0,0 +1,67 @@ +import = "aws-sdk-go/models/apis/imagebuilder/2019-12-02/api-2.json" + +mapping "aws_imagebuilder_component" { + name = ResourceName + platform = Platform + version = VersionNumber + change_description = NonEmptyString + data = InlineComponentData + description = NonEmptyString + kms_key_id = NonEmptyString + supported_os_versions = OsVersionList + tags = TagMap + uri = Uri +} + +mapping "aws_imagebuilder_distribution_configuration" { + name = ResourceName + distribution = DistributionList + description = NonEmptyString + # kms_key_id = NonEmptyString + tags = TagMap +} + +mapping "aws_imagebuilder_image" { + image_recipe_arn = ImageRecipeArn + infrastructure_configuration_arn = InfrastructureConfigurationArn + distribution_configuration_arn = DistributionConfigurationArn + image_tests_configuration = ImageTestsConfiguration + tags = TagMap +} + +mapping "aws_imagebuilder_image_pipeline" { + image_recipe_arn = ImageRecipeArn + infrastructure_configuration_arn = InfrastructureConfigurationArn + name = ResourceName + description = NonEmptyString + distribution_configuration_arn = DistributionConfigurationArn + image_tests_configuration = ImageTestsConfiguration + schedule = Schedule + status = PipelineStatus + tags = TagMap +} + +mapping "aws_imagebuilder_image_recipe" { + component = ComponentConfigurationList + name = ResourceName + parent_image = NonEmptyString + version = VersionNumber + block_device_mapping = InstanceBlockDeviceMappings + description = NonEmptyString + tags = TagMap + working_directory = NonEmptyString +} + +mapping "aws_imagebuilder_infrastructure_configuration" { + instance_profile_name = InstanceProfileNameType + name = ResourceName + description = NonEmptyString + instance_types = InstanceTypeList + key_pair = NonEmptyString + logging = Logging + resource_tags = ResourceTagMap + security_group_ids = SecurityGroupIds + sns_topic_arn = SnsTopicArn + subnet_id = NonEmptyString + tags = TagMap +} diff --git a/rules/models/provider.go b/rules/models/provider.go index 22be688f..eebd7433 100644 --- a/rules/models/provider.go +++ b/rules/models/provider.go @@ -572,6 +572,35 @@ var Rules = []tflint.Rule{ NewAwsIAMUserSSHKeyInvalidPublicKeyRule(), NewAwsIAMUserSSHKeyInvalidStatusRule(), NewAwsIAMUserSSHKeyInvalidUsernameRule(), + NewAwsImagebuilderComponentInvalidChangeDescriptionRule(), + NewAwsImagebuilderComponentInvalidDataRule(), + NewAwsImagebuilderComponentInvalidDescriptionRule(), + NewAwsImagebuilderComponentInvalidKmsKeyIDRule(), + NewAwsImagebuilderComponentInvalidNameRule(), + NewAwsImagebuilderComponentInvalidPlatformRule(), + NewAwsImagebuilderComponentInvalidVersionRule(), + NewAwsImagebuilderDistributionConfigurationInvalidDescriptionRule(), + NewAwsImagebuilderDistributionConfigurationInvalidNameRule(), + NewAwsImagebuilderImageInvalidDistributionConfigurationArnRule(), + NewAwsImagebuilderImageInvalidImageRecipeArnRule(), + NewAwsImagebuilderImageInvalidInfrastructureConfigurationArnRule(), + NewAwsImagebuilderImagePipelineInvalidDescriptionRule(), + NewAwsImagebuilderImagePipelineInvalidDistributionConfigurationArnRule(), + NewAwsImagebuilderImagePipelineInvalidImageRecipeArnRule(), + NewAwsImagebuilderImagePipelineInvalidInfrastructureConfigurationArnRule(), + NewAwsImagebuilderImagePipelineInvalidNameRule(), + NewAwsImagebuilderImagePipelineInvalidStatusRule(), + NewAwsImagebuilderImageRecipeInvalidDescriptionRule(), + NewAwsImagebuilderImageRecipeInvalidNameRule(), + NewAwsImagebuilderImageRecipeInvalidParentImageRule(), + NewAwsImagebuilderImageRecipeInvalidVersionRule(), + NewAwsImagebuilderImageRecipeInvalidWorkingDirectoryRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidDescriptionRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidInstanceProfileNameRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidKeyPairRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidNameRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidSnsTopicArnRule(), + NewAwsImagebuilderInfrastructureConfigurationInvalidSubnetIDRule(), NewAwsInspectorAssessmentTargetInvalidNameRule(), NewAwsInspectorAssessmentTargetInvalidResourceGroupArnRule(), NewAwsInspectorAssessmentTemplateInvalidNameRule(),