Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report aws_instance_not_specified_iam_profile only when terraform_version is less than 0.8.8 #124

Merged
merged 1 commit into from
Jul 9, 2017
Merged

Report aws_instance_not_specified_iam_profile only when terraform_version is less than 0.8.8 #124

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ Try running TFLint under the directory where Terraform is executed. It detect if
```
$ tflint
template.tf
NOTICE:1 "iam_instance_profile" is not specified. If you want to change it, you need to recreate instance. (Only less than Terraform 0.8.8)
NOTICE:1 "iam_instance_profile" is not specified. If you want to change it, you need to recreate the instance.
ERROR:3 "t1.2xlarge" is invalid instance type.

Result: 2 issues (1 errors , 0 warnings , 1 notices)
Expand Down
12 changes: 10 additions & 2 deletions detector/aws_instance_not_specified_iam_profile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package detector

import (
"github.com/hashicorp/go-version"
"github.com/wata727/tflint/issue"
"github.com/wata727/tflint/schema"
)
Expand All @@ -21,11 +22,18 @@ func (d *Detector) CreateAwsInstanceNotSpecifiedIAMProfileDetector() *AwsInstanc
}

func (d *AwsInstanceNotSpecifiedIAMProfileDetector) Detect(resource *schema.Resource, issues *[]*issue.Issue) {
if _, ok := resource.GetToken("iam_instance_profile"); !ok {
v1, err := version.NewVersion(d.Config.TerraformVersion)
// If `terraform_version` is not set, always detect.
if err != nil {
v1, _ = version.NewVersion("0.8.0")
}
v2, _ := version.NewVersion("0.8.8")

if _, ok := resource.GetToken("iam_instance_profile"); !ok && v1.LessThan(v2) {
issue := &issue.Issue{
Detector: d.Name,
Type: d.IssueType,
Message: "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate instance. (Only less than Terraform 0.8.8)",
Message: "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate the instance.",
Line: resource.Pos.Line,
File: resource.Pos.Filename,
Link: d.Link,
Expand Down
38 changes: 36 additions & 2 deletions detector/aws_instance_not_specified_iam_profile_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ func TestDetectAwsInstanceNotSpecifiedIAMProfile(t *testing.T) {
cases := []struct {
Name string
Src string
Config *config.Config
Issues []*issue.Issue
}{
{
Expand All @@ -21,11 +22,12 @@ func TestDetectAwsInstanceNotSpecifiedIAMProfile(t *testing.T) {
resource "aws_instance" "web" {
instance_type = "t2.2xlarge"
}`,
Config: config.Init(),
Issues: []*issue.Issue{
{
Detector: "aws_instance_not_specified_iam_profile",
Type: "NOTICE",
Message: "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate instance. (Only less than Terraform 0.8.8)",
Message: "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate the instance.",
Line: 2,
File: "test.tf",
Link: "https://github.com/wata727/tflint/blob/master/docs/aws_instance_not_specified_iam_profile.md",
Expand All @@ -39,6 +41,38 @@ resource "aws_instance" "web" {
instance_type = "t2.micro"
iam_instance_profile = "test"
}`,
Config: config.Init(),
Issues: []*issue.Issue{},
},
{
Name: "iam_instance_profile is not specified and Terraform version is less than 0.8.8",
Src: `
resource "aws_instance" "web" {
instance_type = "t2.2xlarge"
}`,
Config: &config.Config{
TerraformVersion: "0.8.7",
},
Issues: []*issue.Issue{
{
Detector: "aws_instance_not_specified_iam_profile",
Type: "NOTICE",
Message: "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate the instance.",
Line: 2,
File: "test.tf",
Link: "https://github.com/wata727/tflint/blob/master/docs/aws_instance_not_specified_iam_profile.md",
},
},
},
{
Name: "iam_instance_profile is not specified and Terraform version is 0.8.8",
Src: `
resource "aws_instance" "web" {
instance_type = "t2.2xlarge"
}`,
Config: &config.Config{
TerraformVersion: "0.8.8",
},
Issues: []*issue.Issue{},
},
}
Expand All @@ -49,7 +83,7 @@ resource "aws_instance" "web" {
"CreateAwsInstanceNotSpecifiedIAMProfileDetector",
tc.Src,
"",
config.Init(),
tc.Config,
config.Init().NewAwsClient(),
&issues,
)
Expand Down
4 changes: 2 additions & 2 deletions docs/aws_instance_not_specified_iam_profile.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ The following is the execution result of TFLint:
```
$ tflint
template.tf
NOTICE:1 "iam_instance_profile" is not specified. If you want to change it, you need to recreate instance. (Only less than Terraform 0.8.8)
NOTICE:1 "iam_instance_profile" is not specified. If you want to change it, you need to recreate the instance.

Result: 1 issues (0 errors , 0 warnings , 1 notices)
```
Expand All @@ -28,7 +28,7 @@ You can select only one IAM profile at instance setup. However, if you do not se

Even if you think that you do not need an IAM profile, we recommend that you specify a dummy. Then you can change the privilege when you need it, so you can escape the recreate of the instance.

NOTE: There is good news that Terraform 0.8.8 and later can change it later. However, it is better to give proper authority from the beginning. If you change it later, there is a possibility that your application may have unexpected effects.
NOTE: There is good news that Terraform 0.8.8 and later can change it later. If `terraform_version` is greater than `0.8.8`, This issue is not reported.

## How To Fix
Please add `iam_instance_profile` attribute.
6 changes: 4 additions & 2 deletions glide.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions glide.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,4 @@ import:
- package: github.com/mitchellh/go-homedir
- package: github.com/jessevdk/go-flags
version: ^1.2.0
- package: github.com/hashicorp/go-version
2 changes: 1 addition & 1 deletion integration/general/result.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
{
"detector": "aws_instance_not_specified_iam_profile",
"type": "NOTICE",
"message": "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate instance. (Only less than Terraform 0.8.8)",
"message": "\"iam_instance_profile\" is not specified. If you want to change it, you need to recreate the instance.",
"line": 5,
"file": "github.com/wata727/example-module/aws_instance.tf",
"link": "https://github.com/wata727/tflint/blob/master/docs/aws_instance_not_specified_iam_profile.md"
Expand Down