From 5f1dc87d8a3c8c10a6355f7219d0fee792fc99a0 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Wed, 16 Mar 2022 23:18:22 +0000 Subject: [PATCH 01/14] add aws_elastic_beanstalk_environment_name_invalid_format rule & tests --- ...anstalk_environment_name_invalid_format.go | 64 +++++++++++++++ ...lk_environment_name_invalid_format_test.go | 82 +++++++++++++++++++ rules/provider.go | 1 + 3 files changed, 147 insertions(+) create mode 100644 rules/aws_elastic_beanstalk_environment_name_invalid_format.go create mode 100644 rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go new file mode 100644 index 00000000..7bf6043e --- /dev/null +++ b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go @@ -0,0 +1,64 @@ +package rules + +import ( + "fmt" + "regexp" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// AwsElasticBeanstalkEnvironmentNameInvalidFormatRule checks EB environment name matches a pattern +type AwsElasticBeanstalkEnvironmentNameInvalidFormatRule struct { + resourceType string + attributeName string + pattern *regexp.Regexp +} + +// NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule returns new rule with default attributes +func NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule() *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule { + return &AwsElasticBeanstalkEnvironmentNameInvalidFormatRule{ + resourceType: "aws_elastic_beanstalk_environment", + attributeName: "name", + pattern: regexp.MustCompile("^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$"), + } +} + +// Name returns the rule name +func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Name() string { + return "aws_elastic_beanstalk_environment_name_invalid_format" +} + +// Enabled returns whether the rule is enabled by default +func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Severity() string { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Link() string { + return "" +} + +// Check checks the environment name matches the pattern provided +func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Check(runner tflint.Runner) error { + return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { + var val string + err := runner.EvaluateExpr(attribute.Expr, &val, nil) + + return runner.EnsureNoError(err, func() error { + if !r.pattern.MatchString(val) { + runner.EmitIssueOnExpr( + r, + fmt.Sprintf(`%s does not match valid pattern %s`, val, r.pattern.String()), + attribute.Expr, + ) + } + return nil + }) + }) +} diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go b/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go new file mode 100644 index 00000000..67e830d3 --- /dev/null +++ b/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go @@ -0,0 +1,82 @@ +package rules + +import ( + "testing" + + hcl "github.com/hashicorp/hcl/v2" + "github.com/terraform-linters/tflint-plugin-sdk/helper" +) + +func Test_AwsElasticBeanstalkEnvironmentNameInvalidFormat(t *testing.T) { + cases := []struct { + Name string + Content string + Expected helper.Issues + }{ + { + Name: "tf-test-name dash valid", + Content: ` +resource "aws_elastic_beanstalk_environment" "tfenvtest" { + name = "tf-test-name" + application = "tf-test-name" + solution_stack_name = "64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4" +} +`, + Expected: helper.Issues{}, + }, + { + Name: "underscores invalid", + Content: ` +resource "aws_elastic_beanstalk_environment" "tfenvtest" { + name = "tf_test_name" + application = "tf-test-name" + solution_stack_name = "64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4" +} +`, + Expected: helper.Issues{ + { + Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), + Message: "tf_test_name does not match valid pattern ^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$", + Range: hcl.Range{ + Filename: "resource.tf", + Start: hcl.Pos{Line: 3, Column: 24}, + End: hcl.Pos{Line: 3, Column: 38}, + }, + }, + }, + }, + { + Name: "end with dash invalid", + Content: ` +resource "aws_elastic_beanstalk_environment" "tfenvtest" { + name = "tf-test-name-" + application = "tf-test-name" + solution_stack_name = "64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4" +} +`, + Expected: helper.Issues{ + { + Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), + Message: "tf-test-name- does not match valid pattern ^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$", + Range: hcl.Range{ + Filename: "resource.tf", + Start: hcl.Pos{Line: 3, Column: 24}, + End: hcl.Pos{Line: 3, Column: 39}, + }, + }, + }, + }, + } + + rule := NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule() + + for _, tc := range cases { + runner := helper.TestRunner(t, map[string]string{"resource.tf": tc.Content}) + + if err := rule.Check(runner); err != nil { + t.Fatalf("Unexpected error occurred: %s", err) + } + + helper.AssertIssues(t, tc.Expected, runner.Issues) + } +} diff --git a/rules/provider.go b/rules/provider.go index 8273defc..934a37cf 100644 --- a/rules/provider.go +++ b/rules/provider.go @@ -37,4 +37,5 @@ var Rules = append([]tflint.Rule{ NewAwsLambdaFunctionDeprecatedRuntimeRule(), NewAwsIAMGroupPolicyTooLongRule(), NewAwsAcmCertificateLifecycleRule(), + NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), }, models.Rules...) From 45176d78e8dd6dbfba3f8bbec17ef70357f222b9 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Wed, 16 Mar 2022 23:48:06 +0000 Subject: [PATCH 02/14] increase readability of error message --- ...aws_elastic_beanstalk_environment_name_invalid_format.go | 3 ++- ...lastic_beanstalk_environment_name_invalid_format_test.go | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go index 7bf6043e..2910d3ad 100644 --- a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go +++ b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go @@ -54,7 +54,8 @@ func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Check(runner tflin if !r.pattern.MatchString(val) { runner.EmitIssueOnExpr( r, - fmt.Sprintf(`%s does not match valid pattern %s`, val, r.pattern.String()), + fmt.Sprintf(`%s does not match constraint: must contain only letters, digits, and the dash ` + + `character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$)`, val), attribute.Expr, ) } diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go b/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go index 67e830d3..9a8edcca 100644 --- a/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go +++ b/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go @@ -36,7 +36,8 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { Expected: helper.Issues{ { Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), - Message: "tf_test_name does not match valid pattern ^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$", + Message: "tf_test_name does not match constraint: must contain only letters, digits, and " + + "the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$)", Range: hcl.Range{ Filename: "resource.tf", Start: hcl.Pos{Line: 3, Column: 24}, @@ -57,7 +58,8 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { Expected: helper.Issues{ { Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), - Message: "tf-test-name- does not match valid pattern ^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$", + Message: "tf-test-name- does not match constraint: must contain only letters, digits, and " + + "the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$)", Range: hcl.Range{ Filename: "resource.tf", Start: hcl.Pos{Line: 3, Column: 24}, From 30869901d3581880a014a531121b46af17ad0e7f Mon Sep 17 00:00:00 2001 From: samhpickering Date: Wed, 16 Mar 2022 23:53:19 +0000 Subject: [PATCH 03/14] add documentation --- docs/rules/README.md | 1 + ...anstalk_environment_name_invalid_format.md | 37 +++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md diff --git a/docs/rules/README.md b/docs/rules/README.md index bbdc7d41..53e291e0 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -18,6 +18,7 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| +|aws_elastic_beanstalk_environment_name_invalid_format|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔| diff --git a/docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md b/docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md new file mode 100644 index 00000000..0ac6c366 --- /dev/null +++ b/docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md @@ -0,0 +1,37 @@ +# aws_elastic_beanstalk_environment_name_invalid_format + +Ensure Elastic Beanstalk environment name matches allowed format. + +## Example + +```hcl +resource "aws_elastic_beanstalk_environment" "tfenvtest" { + name = "tf_test_name" + application = "tf-test-name" + solution_stack_name = "64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4" +} +``` + +``` +$ tflint +1 issue(s) found: + +Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_name_invalid_format) + + on example.tf line 2: + 2: name = "tf_test_name" + +``` + +## Why + +When attempting to create the resource, Terraform will return the error: +``` +Error: InvalidParameterValue: Value tf_test_name at 'EnvironmentName' failed to satisfy constraint: Member must contain only letters, digits, and the dash character and may not start or end with a dash +status code: 400 +``` + +## How To Fix + +Ensure your environment name consists only of letters, digits, and the dash character, and does not start or end with a dash. +The regex used is `^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$` From ad3553239f500c56152fb0b5146146e71d9be76d Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:00:27 +0000 Subject: [PATCH 04/14] add rule reference link --- rules/aws_elastic_beanstalk_environment_name_invalid_format.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go index 2910d3ad..d159dce5 100644 --- a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go +++ b/rules/aws_elastic_beanstalk_environment_name_invalid_format.go @@ -41,7 +41,7 @@ func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Severity() string // Link returns the rule reference link func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Link() string { - return "" + return project.ReferenceLink(r.Name()) } // Check checks the environment name matches the pattern provided From 21d2cbf2b4f009004de86de8b4d4f52338af23e4 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:31:03 +0000 Subject: [PATCH 05/14] standardise rule name --- docs/rules/README.md | 2 +- ...nstalk_environment_invalid_name_format.md} | 4 ++-- ...nstalk_environment_invalid_name_format.go} | 22 +++++++++---------- ...k_environment_invalid_name_format_test.go} | 8 +++---- rules/provider.go | 2 +- 5 files changed, 19 insertions(+), 19 deletions(-) rename docs/rules/{aws_elastic_beanstalk_environment_name_invalid_format.md => aws_elastic_beanstalk_environment_invalid_name_format.md} (91%) rename rules/{aws_elastic_beanstalk_environment_name_invalid_format.go => aws_elastic_beanstalk_environment_invalid_name_format.go} (65%) rename rules/{aws_elastic_beanstalk_environment_name_invalid_format_test.go => aws_elastic_beanstalk_environment_invalid_name_format_test.go} (89%) diff --git a/docs/rules/README.md b/docs/rules/README.md index 53e291e0..6055cffc 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -18,7 +18,7 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| -|aws_elastic_beanstalk_environment_name_invalid_format|Disallow invalid environment name||✔| +|aws_elastic_beanstalk_environment_invalid_name_format|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔| diff --git a/docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md similarity index 91% rename from docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md rename to docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md index 0ac6c366..1ecdb154 100644 --- a/docs/rules/aws_elastic_beanstalk_environment_name_invalid_format.md +++ b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md @@ -1,4 +1,4 @@ -# aws_elastic_beanstalk_environment_name_invalid_format +# aws_elastic_beanstalk_environment_invalid_name_format Ensure Elastic Beanstalk environment name matches allowed format. @@ -16,7 +16,7 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { $ tflint 1 issue(s) found: -Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_name_invalid_format) +Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_invalid_name_format) on example.tf line 2: 2: name = "tf_test_name" diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go b/rules/aws_elastic_beanstalk_environment_invalid_name_format.go similarity index 65% rename from rules/aws_elastic_beanstalk_environment_name_invalid_format.go rename to rules/aws_elastic_beanstalk_environment_invalid_name_format.go index d159dce5..44b0ff34 100644 --- a/rules/aws_elastic_beanstalk_environment_name_invalid_format.go +++ b/rules/aws_elastic_beanstalk_environment_invalid_name_format.go @@ -8,16 +8,16 @@ import ( "github.com/terraform-linters/tflint-plugin-sdk/tflint" ) -// AwsElasticBeanstalkEnvironmentNameInvalidFormatRule checks EB environment name matches a pattern -type AwsElasticBeanstalkEnvironmentNameInvalidFormatRule struct { +// AwsElasticBeanstalkEnvironmentInvalidNameFormatRule checks EB environment name matches a pattern +type AwsElasticBeanstalkEnvironmentInvalidNameFormatRule struct { resourceType string attributeName string pattern *regexp.Regexp } -// NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule returns new rule with default attributes -func NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule() *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule { - return &AwsElasticBeanstalkEnvironmentNameInvalidFormatRule{ +// NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule returns new rule with default attributes +func NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule() *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule { + return &AwsElasticBeanstalkEnvironmentInvalidNameFormatRule{ resourceType: "aws_elastic_beanstalk_environment", attributeName: "name", pattern: regexp.MustCompile("^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$"), @@ -25,27 +25,27 @@ func NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule() *AwsElasticBeansta } // Name returns the rule name -func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Name() string { - return "aws_elastic_beanstalk_environment_name_invalid_format" +func (r *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule) Name() string { + return "aws_elastic_beanstalk_environment_invalid_name_format" } // Enabled returns whether the rule is enabled by default -func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Enabled() bool { +func (r *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule) Enabled() bool { return true } // Severity returns the rule severity -func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Severity() string { +func (r *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule) Severity() string { return tflint.ERROR } // Link returns the rule reference link -func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Link() string { +func (r *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule) Link() string { return project.ReferenceLink(r.Name()) } // Check checks the environment name matches the pattern provided -func (r *AwsElasticBeanstalkEnvironmentNameInvalidFormatRule) Check(runner tflint.Runner) error { +func (r *AwsElasticBeanstalkEnvironmentInvalidNameFormatRule) Check(runner tflint.Runner) error { return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error { var val string err := runner.EvaluateExpr(attribute.Expr, &val, nil) diff --git a/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go b/rules/aws_elastic_beanstalk_environment_invalid_name_format_test.go similarity index 89% rename from rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go rename to rules/aws_elastic_beanstalk_environment_invalid_name_format_test.go index 9a8edcca..f969d04e 100644 --- a/rules/aws_elastic_beanstalk_environment_name_invalid_format_test.go +++ b/rules/aws_elastic_beanstalk_environment_invalid_name_format_test.go @@ -7,7 +7,7 @@ import ( "github.com/terraform-linters/tflint-plugin-sdk/helper" ) -func Test_AwsElasticBeanstalkEnvironmentNameInvalidFormat(t *testing.T) { +func Test_AwsElasticBeanstalkEnvironmentInvalidNameFormat(t *testing.T) { cases := []struct { Name string Content string @@ -35,7 +35,7 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { `, Expected: helper.Issues{ { - Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), + Rule: NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule(), Message: "tf_test_name does not match constraint: must contain only letters, digits, and " + "the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$)", Range: hcl.Range{ @@ -57,7 +57,7 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { `, Expected: helper.Issues{ { - Rule: NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), + Rule: NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule(), Message: "tf-test-name- does not match constraint: must contain only letters, digits, and " + "the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$)", Range: hcl.Range{ @@ -70,7 +70,7 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { }, } - rule := NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule() + rule := NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule() for _, tc := range cases { runner := helper.TestRunner(t, map[string]string{"resource.tf": tc.Content}) diff --git a/rules/provider.go b/rules/provider.go index 934a37cf..8103ae39 100644 --- a/rules/provider.go +++ b/rules/provider.go @@ -37,5 +37,5 @@ var Rules = append([]tflint.Rule{ NewAwsLambdaFunctionDeprecatedRuntimeRule(), NewAwsIAMGroupPolicyTooLongRule(), NewAwsAcmCertificateLifecycleRule(), - NewAwsElasticBeanstalkEnvironmentNameInvalidFormatRule(), + NewAwsElasticBeanstalkEnvironmentInvalidNameFormatRule(), }, models.Rules...) From 288990e46aab3510b37b374a8e016d093c5e1e1a Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:36:09 +0000 Subject: [PATCH 06/14] add missing link in rules readme --- docs/rules/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/rules/README.md b/docs/rules/README.md index 6055cffc..d522c1ca 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -18,7 +18,7 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| -|aws_elastic_beanstalk_environment_invalid_name_format|Disallow invalid environment name||✔| +|[aws_elastic_beanstalk_environment_invalid_name_format](aws_elastic_beanstalk_environment_invalid_name_format.md)|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔| From e41b0acd3d2461a3c1b3fd7050fed02a966dfd19 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:38:32 +0000 Subject: [PATCH 07/14] break lines in readme code blocks --- ...astic_beanstalk_environment_invalid_name_format.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md index 1ecdb154..bc6c161d 100644 --- a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md +++ b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md @@ -16,7 +16,9 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { $ tflint 1 issue(s) found: -Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_invalid_name_format) +Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash + character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) + (aws_elastic_beanstalk_environment_invalid_name_format) on example.tf line 2: 2: name = "tf_test_name" @@ -27,11 +29,14 @@ Error: tf_test_name does not match constraint: must contain only letters, digits When attempting to create the resource, Terraform will return the error: ``` -Error: InvalidParameterValue: Value tf_test_name at 'EnvironmentName' failed to satisfy constraint: Member must contain only letters, digits, and the dash character and may not start or end with a dash +Error: InvalidParameterValue: Value tf_test_name at 'EnvironmentName' failed to satisfy +constraint: Member must contain only letters, digits, and the dash character and may not start +or end with a dash status code: 400 ``` ## How To Fix -Ensure your environment name consists only of letters, digits, and the dash character, and does not start or end with a dash. +Ensure your environment name consists only of letters, digits, and the dash character, and does +not start or end with a dash. The regex used is `^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$` From 1d564770135b62b8be9d062f735103cfcb7c08a9 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:41:58 +0000 Subject: [PATCH 08/14] update example resource config --- ...lastic_beanstalk_environment_invalid_name_format.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md index bc6c161d..ffd31c58 100644 --- a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md +++ b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md @@ -6,8 +6,8 @@ Ensure Elastic Beanstalk environment name matches allowed format. ```hcl resource "aws_elastic_beanstalk_environment" "tfenvtest" { - name = "tf_test_name" - application = "tf-test-name" + name = "env_name_underscores" + application = "example-app" solution_stack_name = "64bit Amazon Linux 2015.03 v2.0.3 running Go 1.4" } ``` @@ -16,9 +16,9 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" { $ tflint 1 issue(s) found: -Error: tf_test_name does not match constraint: must contain only letters, digits, and the dash - character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) - (aws_elastic_beanstalk_environment_invalid_name_format) +Error: env_name_underscores does not match constraint: must contain only letters, digits, and +the dash character and may not start or end with a dash +(^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_invalid_name_format) on example.tf line 2: 2: name = "tf_test_name" From 2829de7d80febf5f098833d3e2289fb8694398e8 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:43:20 +0000 Subject: [PATCH 09/14] update readme description --- .../aws_elastic_beanstalk_environment_invalid_name_format.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md index ffd31c58..17616886 100644 --- a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md +++ b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md @@ -1,6 +1,6 @@ # aws_elastic_beanstalk_environment_invalid_name_format -Ensure Elastic Beanstalk environment name matches allowed format. +Disallow invalid Elastic Beanstalk environment name ## Example From 848bd6ff1bcab1885d792eeee67f10cb2dd065db Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 00:45:32 +0000 Subject: [PATCH 10/14] update readme --- .../aws_elastic_beanstalk_environment_invalid_name_format.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md index 17616886..47db0562 100644 --- a/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md +++ b/docs/rules/aws_elastic_beanstalk_environment_invalid_name_format.md @@ -21,7 +21,7 @@ the dash character and may not start or end with a dash (^[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]$) (aws_elastic_beanstalk_environment_invalid_name_format) on example.tf line 2: - 2: name = "tf_test_name" + 2: name = "env_name_underscores" ``` @@ -29,7 +29,7 @@ the dash character and may not start or end with a dash When attempting to create the resource, Terraform will return the error: ``` -Error: InvalidParameterValue: Value tf_test_name at 'EnvironmentName' failed to satisfy +Error: InvalidParameterValue: Value env_name_underscores at 'EnvironmentName' failed to satisfy constraint: Member must contain only letters, digits, and the dash character and may not start or end with a dash status code: 400 From 769dec954f3c1e166a4a2949a0e2507b29812ccd Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 01:01:24 +0000 Subject: [PATCH 11/14] import project for rule reference link --- rules/aws_elastic_beanstalk_environment_invalid_name_format.go | 1 + 1 file changed, 1 insertion(+) diff --git a/rules/aws_elastic_beanstalk_environment_invalid_name_format.go b/rules/aws_elastic_beanstalk_environment_invalid_name_format.go index 44b0ff34..2a72c4cc 100644 --- a/rules/aws_elastic_beanstalk_environment_invalid_name_format.go +++ b/rules/aws_elastic_beanstalk_environment_invalid_name_format.go @@ -6,6 +6,7 @@ import ( hcl "github.com/hashicorp/hcl/v2" "github.com/terraform-linters/tflint-plugin-sdk/tflint" + "github.com/terraform-linters/tflint-ruleset-aws/project" ) // AwsElasticBeanstalkEnvironmentInvalidNameFormatRule checks EB environment name matches a pattern From 36d962ae700a0a1e95735dd3d98c673fd977b73e Mon Sep 17 00:00:00 2001 From: samhpickering Date: Thu, 17 Mar 2022 01:10:19 +0000 Subject: [PATCH 12/14] revert changes to rules readme --- docs/rules/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/rules/README.md b/docs/rules/README.md index d522c1ca..bbdc7d41 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -18,7 +18,6 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| -|[aws_elastic_beanstalk_environment_invalid_name_format](aws_elastic_beanstalk_environment_invalid_name_format.md)|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔| From 2cc1e2c8442788474505f6940a488dc3e49154d0 Mon Sep 17 00:00:00 2001 From: samhpickering Date: Sat, 19 Mar 2022 18:44:39 +0000 Subject: [PATCH 13/14] Revert "revert changes to rules readme" This reverts commit 36d962ae700a0a1e95735dd3d98c673fd977b73e. --- docs/rules/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/rules/README.md b/docs/rules/README.md index bbdc7d41..d522c1ca 100644 --- a/docs/rules/README.md +++ b/docs/rules/README.md @@ -18,6 +18,7 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| +|[aws_elastic_beanstalk_environment_invalid_name_format](aws_elastic_beanstalk_environment_invalid_name_format.md)|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔| From 5fd485b4311097a2c7ea04ad0160d7cc6a704b64 Mon Sep 17 00:00:00 2001 From: wata_mac Date: Sun, 27 Mar 2022 21:48:50 +0900 Subject: [PATCH 14/14] Fix docs/rules/README.md.tmpl --- docs/rules/README.md.tmpl | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/rules/README.md.tmpl b/docs/rules/README.md.tmpl index 6da3849e..ef48f163 100644 --- a/docs/rules/README.md.tmpl +++ b/docs/rules/README.md.tmpl @@ -18,6 +18,7 @@ These rules warn of possible errors that can occur at `terraform apply`. Rules m |[aws_db_instance_invalid_type](aws_db_instance_invalid_type.md)|Disallow using invalid instance class||✔| |aws_db_instance_invalid_vpc_security_group|Disallow using invalid VPC security groups|✔|✔| |aws_dynamodb_table_invalid_stream_view_type|Disallow using invalid stream view types for DynamoDB||✔| +|[aws_elastic_beanstalk_environment_invalid_name_format](aws_elastic_beanstalk_environment_invalid_name_format.md)|Disallow invalid environment name||✔| |aws_elasticache_cluster_invalid_parameter_group|Disallow using invalid parameter group|✔|✔| |aws_elasticache_cluster_invalid_security_group|Disallow using invalid security groups|✔|✔| |aws_elasticache_cluster_invalid_subnet_group|Disallow using invalid subnet group|✔|✔|