-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support provider aliases #342
feat: support provider aliases #342
Conversation
It failed to parse the attribute resource "aws_instance" "reverse_proxy_a01" {
ami = "ami-088da9557aae42f39"
instance_type = "t3.micro"
key_name = "bootstrap"
provider = aws.us-east-1
} func (r *Runner) AwsClient(attributes hclext.Attributes) (*Client, error) {
provider := "aws"
if attr, exists := attributes["provider"]; exists {
if diags := gohcl.DecodeExpression(attr.Expr, nil, &provider); diags.HasErrors() {
logger.Error("parse provider attribute")
return nil, diags
}
logger.Info("provider: " + provider)
}
awsClient, ok := r.AwsClients[provider]
if !ok {
return nil, fmt.Errorf("aws provider %s isn't found", provider)
}
return awsClient, nil
}
if diags := gohcl.DecodeExpression(attr.Expr, nil, &provider); diags.HasErrors() { provider = aws.us-east-1
$ terraform validate
Success! The configuration is valid. |
Umm... As you say, it seems that it is necessary to reimplement the I think we doesn't need to reproduce all implementations completely, for example, support for legacy configuration language can be ignored. The important thing is to get the list of traversals with |
67a6433 Copied required code. |
Mozilla Public License, version 2.0 |
if err != nil { | ||
return nil, err | ||
} | ||
clients[k] = client |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I noticed that the client is not initialized as before if you don't declare any provider blocks. Previously, if you wrote a credential in .tflint.hcl
, you should have been able to enable deep checking without a provider block. e.g.
plugin "aws" {
enabled = true
access_key = "AWS_ACCESS_KEY",
secret_key = "AWS_SECRET_KEY",
}
resource "aws_instance" "foo" {
ami = "invalid"
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. f73855a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://github.com/terraform-linters/tflint-ruleset-aws/blob/master/docs/deep_checking.md#shared-credentials
https://github.com/terraform-linters/tflint-ruleset-aws/blob/master/docs/deep_checking.md#static-credentials
If these configurations are defined in the provider block, they will also be taken into account. But the priority is lower than the above way.
The priority is higher than the environment variable and lower than the above way.
Hmm... Maybe we have to fix f73855a according to the priority.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The priority of plugin
setting is higher than provider
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. 313f0da
@@ -72,13 +72,18 @@ func (r *AwsInstanceInvalidAMIRule) Check(rr tflint.Runner) error { | |||
continue | |||
} | |||
|
|||
awsClient, err := runner.AwsClient(resource.Body.Attributes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to get the provider attribute explicitly like any other rule.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. 821423f
@@ -72,13 +72,18 @@ func (r *AwsLaunchConfigurationInvalidImageIDRule) Check(rr tflint.Runner) error | |||
continue | |||
} | |||
|
|||
awsClient, err := runner.AwsClient(resource.Body.Attributes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as aws_instance_invalid_rule.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed. 821423f
Yes. We changed TFLint's license 4 years ago to follow this case. MPL 2.0 is a weak copyleft and the Large Work is allowed under the same license. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🎉
Thank you for your support! |
#331
Follow up #332 (comment)