Merge branch 'master' of github.com:JamesWoolfenden/pike

JamesWoolfenden · Nov 7, 2024 · 7d5daa9 · 7d5daa9
2 parents 4331c7a + 3c8d2b4
commit 7d5daa9
Show file tree

Hide file tree

Showing 17 changed files with 2,969 additions and 3,169 deletions.
diff --git a/go.mod b/go.mod
@@ -14,7 +14,7 @@ require (
 	github.com/hashicorp/hc-install v0.9.0
 	github.com/hashicorp/hcl/v2 v2.22.0
 	github.com/hashicorp/terraform-exec v0.21.0
-	github.com/jameswoolfenden/identity v0.0.4
+	github.com/jameswoolfenden/identity v0.0.5
 	github.com/rs/zerolog v1.33.0
 	github.com/urfave/cli/v2 v2.27.5
 	golang.org/x/crypto v0.28.0

diff --git a/go.sum b/go.sum
@@ -114,8 +114,8 @@ github.com/hashicorp/terraform-exec v0.21.0/go.mod h1:1PPeMYou+KDUSSeRE9szMZ/oHf
 github.com/hashicorp/terraform-json v0.23.0 h1:sniCkExU4iKtTADReHzACkk8fnpQXrdD2xoR+lppBkI=
 github.com/hashicorp/terraform-json v0.23.0/go.mod h1:MHdXbBAbSg0GvzuWazEGKAn/cyNfIB7mN6y7KJN6y2c=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/jameswoolfenden/identity v0.0.4 h1:O2bX2A0N5mrvGJRbF20agZTxaK2kiXE5zVByko/j5SM=
-github.com/jameswoolfenden/identity v0.0.4/go.mod h1:jaMZrHefs1GhLm4k13RLYyarODAXXlYjDwbc9DBxeqw=
+github.com/jameswoolfenden/identity v0.0.5 h1:y7s6+Nvk21a81eHspwTteO0HVq49nZJFmNu9V72whnY=
+github.com/jameswoolfenden/identity v0.0.5/go.mod h1:kQfxlwgjvu8RKuFzd9QeudGeypQQglBXwRLUpk3VQnA=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
 github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=

diff --git a/src/aws_datasource.go b/src/aws_datasource.go
@@ -599,6 +599,7 @@ func AwsDataLookup(find string) interface{} { //nolint:maintidx
 		"aws_workspaces_directory":                                              dataAwsWorkspaceDirectory,
 		"aws_workspaces_image":                                                  dataAwsWorkspaceImage,
 		"aws_ssm_patch_baselines":                                               dataAwsSsmPatchBaselines,
+		"aws_lb_listener_rule":                                                  dataAwsLbListenerRule,
 	}
 
 	return TFLookup[find]

diff --git a/src/coverage/aws.md b/src/coverage/aws.md
diff --git a/src/coverage/azure.md b/src/coverage/azure.md
@@ -1,6 +1,6 @@
 # todo azure
 
-Resource percentage coverage   4.66
+Resource percentage coverage   4.64
 Datasource percentage coverage 36.20
 
 ./resource.ps1 azurerm_aadb2c_directory
@@ -229,6 +229,7 @@ Datasource percentage coverage 36.20
 ./resource.ps1 azurerm_custom_provider
 ./resource.ps1 azurerm_dashboard
 ./resource.ps1 azurerm_dashboard_grafana
+./resource.ps1 azurerm_dashboard_grafana_managed_private_endpoint
 ./resource.ps1 azurerm_data_factory
 ./resource.ps1 azurerm_data_factory_credential_service_principal
 ./resource.ps1 azurerm_data_factory_credential_user_managed_identity
@@ -281,6 +282,7 @@ Datasource percentage coverage 36.20
 ./resource.ps1 azurerm_data_protection_backup_instance_blob_storage
 ./resource.ps1 azurerm_data_protection_backup_instance_disk
 ./resource.ps1 azurerm_data_protection_backup_instance_kubernetes_cluster
+./resource.ps1 azurerm_data_protection_backup_instance_mysql_flexible_server
 ./resource.ps1 azurerm_data_protection_backup_instance_postgresql
 ./resource.ps1 azurerm_data_protection_backup_instance_postgresql_flexible_server
 ./resource.ps1 azurerm_data_protection_backup_policy_blob_storage
@@ -858,6 +860,8 @@ Datasource percentage coverage 36.20
 ./resource.ps1 azurerm_static_web_app_custom_domain
 ./resource.ps1 azurerm_static_web_app_function_app_registration
 ./resource.ps1 azurerm_storage_account_local_user
+./resource.ps1 azurerm_storage_account_queue_properties
+./resource.ps1 azurerm_storage_account_static_website
 ./resource.ps1 azurerm_storage_blob
 ./resource.ps1 azurerm_storage_blob_inventory_policy
 ./resource.ps1 azurerm_storage_container_immutability_policy

diff --git a/src/coverage/google.md b/src/coverage/google.md
@@ -1,7 +1,7 @@
 # todo google
 
-Resource percentage coverage   19.30
-Datasource percentage coverage 75.94
+Resource percentage coverage   19.25
+Datasource percentage coverage 75.70
 
 ./resource.ps1 google_access_context_manager_access_level_condition
 ./resource.ps1 google_access_context_manager_service_perimeter_dry_run_egress_policy
@@ -50,6 +50,7 @@ Datasource percentage coverage 75.94
 ./resource.ps1 google_artifact_registry_vpcsc_config
 ./resource.ps1 google_assured_workloads_workload
 ./resource.ps1 google_backup_dr_backup_plan
+./resource.ps1 google_backup_dr_backup_plan_association
 ./resource.ps1 google_backup_dr_backup_vault
 ./resource.ps1 google_backup_dr_management_server
 ./resource.ps1 google_beyondcorp_app_connection
@@ -499,6 +500,7 @@ Datasource percentage coverage 75.94
 ./resource.ps1 google_healthcare_workspace
 ./resource.ps1 google_iam_access_boundary_policy
 ./resource.ps1 google_iam_deny_policy
+./resource.ps1 google_iam_principal_access_boundary_policy
 ./resource.ps1 google_iam_workforce_pool
 ./resource.ps1 google_iam_workforce_pool_provider
 ./resource.ps1 google_iam_workload_identity_pool
@@ -617,6 +619,7 @@ Datasource percentage coverage 75.94
 ./resource.ps1 google_network_connectivity_regional_endpoint
 ./resource.ps1 google_network_connectivity_service_connection_policy
 ./resource.ps1 google_network_connectivity_spoke
+./resource.ps1 google_network_management_vpc_flow_logs_config
 ./resource.ps1 google_network_security_address_group
 ./resource.ps1 google_network_security_address_group_iam_binding
 ./resource.ps1 google_network_security_address_group_iam_member
@@ -819,6 +822,7 @@ Datasource percentage coverage 75.94
 ./resource.ps1 google_apphub_discovered_workload -type data
 ./resource.ps1 google_artifact_registry_docker_image -type data
 ./resource.ps1 google_artifact_registry_locations -type data
+./resource.ps1 google_backup_dr_backup_plan_association -type data
 ./resource.ps1 google_bigquery_tables -type data
 ./resource.ps1 google_certificate_manager_certificates -type data
 ./resource.ps1 google_cloud_identity_group_transitive_memberships -type data

diff --git a/src/data.go b/src/data.go
@@ -66,7 +66,7 @@ func GetResources(file string, dirName string) ([]ResourceV2, error) {
 		} else {
 			resource.Provider = "unknown"
 
-			log.Print("parsing error for ", block)
+			log.Info().Msgf("parsing error for %s", block.Type)
 		}
 
 		Resources = append(Resources, resource)

diff --git a/src/error.go b/src/error.go
@@ -46,5 +46,5 @@ type backendExistsError struct {
 }
 
 func (m *backendExistsError) Error() string {
-	return fmt.Sprint("no Backend found")
+	return "backend already exists"
 }
diff --git a/src/error_test.go b/src/error_test.go
@@ -137,12 +137,12 @@ func TestBackendExistsError_Error(t *testing.T) {
 		{
 			name: "basic backend error",
 			m:    &backendExistsError{},
-			want: "no Backend found",
+			want: "backend already exists",
 		},
 		{
 			name: "new instance",
 			m:    new(backendExistsError),
-			want: "no Backend found",
+			want: "backend already exists",
 		},
 	}
 

diff --git a/src/files_datasource.go b/src/files_datasource.go
@@ -1530,3 +1530,6 @@ var dataAwsRoute53profilesProfiles []byte
 
 //go:embed mapping/aws/data/ssm/aws_ssm_patch_baselines.json
 var dataAwsSsmPatchBaselines []byte
+
+//go:embed mapping/aws/data/elasticloadbalancing/aws_lb_listener_rule.json
+var dataAwsLbListenerRule []byte
diff --git a/src/inspect_test.go b/src/inspect_test.go
@@ -1,3 +1,6 @@
+//go:build auth
+// +build auth
+
 package pike
 
 import (
@@ -240,6 +243,12 @@ func TestInspectExtended(t *testing.T) {
 		init      bool
 	}
 
+	myDiff := PolicyDiff{
+		Over: []string{"ssm:DescribePatchBaselines"},
+		Under: []string{"dynamodb:DeleteItem", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:PutItem",
+			"s3:DeleteObject", "s3:GetObject", "s3:ListBucket", "s3:PutObject"},
+	}
+
 	tests := []struct {
 		name    string
 		args    args
@@ -256,12 +265,13 @@ func TestInspectExtended(t *testing.T) {
 		//	wantErr: true,
 		//},
 		{
+			//its comparing
 			name: "init true",
 			args: args{
 				directory: "../terraform/aws",
 				init:      true,
 			},
-			want:    PolicyDiff{},
+			want:    myDiff,
 			wantErr: false,
 		},
 		{

diff --git a/src/mapping/aws/data/elasticloadbalancing/aws_lb_listener_rule.json b/src/mapping/aws/data/elasticloadbalancing/aws_lb_listener_rule.json
@@ -0,0 +1,13 @@
+[
+  {
+    "apply": [],
+    "attributes": {
+      "tags": []
+    },
+    "destroy": [],
+    "modify": [],
+    "plan": [
+      "elasticloadbalancing:DescribeRules"
+    ]
+  }
+]