feat: support provider aliases #342
Conversation
|
It failed to parse the attribute resource "aws_instance" "reverse_proxy_a01" {
ami = "ami-088da9557aae42f39"
instance_type = "t3.micro"
key_name = "bootstrap"
provider = aws.us-east-1
}func (r *Runner) AwsClient(attributes hclext.Attributes) (*Client, error) {
provider := "aws"
if attr, exists := attributes["provider"]; exists {
if diags := gohcl.DecodeExpression(attr.Expr, nil, &provider); diags.HasErrors() {
logger.Error("parse provider attribute")
return nil, diags
}
logger.Info("provider: " + provider)
}
awsClient, ok := r.AwsClients[provider]
if !ok {
return nil, fmt.Errorf("aws provider %s isn't found", provider)
}
return awsClient, nil
} if diags := gohcl.DecodeExpression(attr.Expr, nil, &provider); diags.HasErrors() { provider = aws.us-east-1$ terraform validate
Success! The configuration is valid. |
|
Umm... As you say, it seems that it is necessary to reimplement the I think we doesn't need to reproduce all implementations completely, for example, support for legacy configuration language can be ignored. The important thing is to get the list of traversals with |
|
67a6433 Copied required code. |
|
Mozilla Public License, version 2.0 |
suzuki-shunsuke
changed the title
| if err != nil { | ||
| return nil, err | ||
| } | ||
| clients[k] = client |
There was a problem hiding this comment.
I noticed that the client is not initialized as before if you don't declare any provider blocks. Previously, if you wrote a credential in .tflint.hcl, you should have been able to enable deep checking without a provider block. e.g.
plugin "aws" {
enabled = true
access_key = "AWS_ACCESS_KEY",
secret_key = "AWS_SECRET_KEY",
}resource "aws_instance" "foo" {
ami = "invalid"
}There was a problem hiding this comment.
Fixed. f73855a
There was a problem hiding this comment.
https://github.com/terraform-linters/tflint-ruleset-aws/blob/master/docs/deep_checking.md#shared-credentials
https://github.com/terraform-linters/tflint-ruleset-aws/blob/master/docs/deep_checking.md#static-credentials
If these configurations are defined in the provider block, they will also be taken into account. But the priority is lower than the above way.
The priority is higher than the environment variable and lower than the above way.
Hmm... Maybe we have to fix f73855a according to the priority.
There was a problem hiding this comment.
The priority of plugin setting is higher than provider.
There was a problem hiding this comment.
Fixed. 313f0da
| @@ -72,13 +72,18 @@ func (r *AwsInstanceInvalidAMIRule) Check(rr tflint.Runner) error { | |||
| continue | |||
| } | |||
|
|
|||
| awsClient, err := runner.AwsClient(resource.Body.Attributes) | |||
There was a problem hiding this comment.
You need to get the provider attribute explicitly like any other rule.
There was a problem hiding this comment.
Fixed. 821423f
| @@ -72,13 +72,18 @@ func (r *AwsLaunchConfigurationInvalidImageIDRule) Check(rr tflint.Runner) error | |||
| continue | |||
| } | |||
|
|
|||
| awsClient, err := runner.AwsClient(resource.Body.Attributes) | |||
There was a problem hiding this comment.
Same as aws_instance_invalid_rule.
There was a problem hiding this comment.
Fixed. 821423f
Yes. We changed TFLint's license 4 years ago to follow this case. MPL 2.0 is a weak copyleft and the Large Work is allowed under the same license. |
|
Thank you for your support! |
#331
Follow up #332 (comment)