From bb0aa09b6081765c817953fa3e84510a97f95968 Mon Sep 17 00:00:00 2001 From: Kazuma Watanabe Date: Sat, 25 May 2024 16:03:59 +0900 Subject: [PATCH] Update Magic Modules (#359) --- rules/magicmodules/api_definition.go | 14 +++ ..._interconnect_invalid_interconnect_type.go | 91 +++++++++++++++++++ ..._compute_interconnect_invalid_link_type.go | 91 +++++++++++++++++++ ...oogle_compute_interconnect_invalid_name.go | 90 ++++++++++++++++++ ...te_router_nat_invalid_auto_network_tier.go | 91 +++++++++++++++++++ .../google_looker_instance_invalid_name.go | 2 +- ...tapp_storage_pool_invalid_service_level.go | 2 +- ..._security_security_profile_invalid_type.go | 91 +++++++++++++++++++ ...spection_policy_invalid_min_tls_version.go | 91 +++++++++++++++++++ ...tion_policy_invalid_tls_feature_profile.go | 91 +++++++++++++++++++ ...extension_invalid_load_balancing_scheme.go | 91 +++++++++++++++++++ ...extension_invalid_load_balancing_scheme.go | 91 +++++++++++++++++++ rules/magicmodules/provider.go | 9 ++ tools/magic-modules | 2 +- 14 files changed, 844 insertions(+), 3 deletions(-) create mode 100644 rules/magicmodules/google_compute_interconnect_invalid_interconnect_type.go create mode 100644 rules/magicmodules/google_compute_interconnect_invalid_link_type.go create mode 100644 rules/magicmodules/google_compute_interconnect_invalid_name.go create mode 100644 rules/magicmodules/google_compute_router_nat_invalid_auto_network_tier.go create mode 100644 rules/magicmodules/google_network_security_security_profile_invalid_type.go create mode 100644 rules/magicmodules/google_network_security_tls_inspection_policy_invalid_min_tls_version.go create mode 100644 rules/magicmodules/google_network_security_tls_inspection_policy_invalid_tls_feature_profile.go create mode 100644 rules/magicmodules/google_network_services_lb_route_extension_invalid_load_balancing_scheme.go create mode 100644 rules/magicmodules/google_network_services_lb_traffic_extension_invalid_load_balancing_scheme.go diff --git a/rules/magicmodules/api_definition.go b/rules/magicmodules/api_definition.go index d994e36..eff24b7 100644 --- a/rules/magicmodules/api_definition.go +++ b/rules/magicmodules/api_definition.go @@ -38,6 +38,7 @@ var APIDefinition = map[string]string{ "google_compute_instance_group_membership": "compute.googleapis.com", "google_compute_instance_group_named_port": "compute.googleapis.com", "google_compute_instance_settings": "compute.googleapis.com", + "google_compute_interconnect": "compute.googleapis.com", "google_compute_interconnect_attachment": "compute.googleapis.com", "google_compute_managed_ssl_certificate": "compute.googleapis.com", "google_compute_network": "compute.googleapis.com", @@ -198,7 +199,10 @@ var APIDefinition = map[string]string{ "google_data_catalog_taxonomy": "datacatalog.googleapis.com", "google_data_fusion_instance": "datafusion.googleapis.com", "google_data_pipeline_pipeline": "datapipelines.googleapis.com", + "google_dataplex_aspect_type": "dataplex.googleapis.com", "google_dataplex_datascan": "dataplex.googleapis.com", + "google_dataplex_entry_group": "dataplex.googleapis.com", + "google_dataplex_entry_type": "dataplex.googleapis.com", "google_dataplex_task": "dataplex.googleapis.com", "google_dataproc_autoscaling_policy": "dataproc.googleapis.com", "google_datastore_index": "datastore.googleapis.com", @@ -281,6 +285,7 @@ var APIDefinition = map[string]string{ "google_identity_platform_tenant_oauth_idp_config": "identitytoolkit.googleapis.com", "google_integration_connectors_connection": "connectors.googleapis.com", "google_integration_connectors_endpoint_attachment": "connectors.googleapis.com", + "google_integration_connectors_managed_zone": "connectors.googleapis.com", "google_integrations_auth_config": "integrations.googleapis.com", "google_integrations_client": "integrations.googleapis.com", "google_kms_crypto_key": "cloudkms.googleapis.com", @@ -296,6 +301,7 @@ var APIDefinition = map[string]string{ "google_logging_organization_settings": "logging.googleapis.com", "google_looker_instance": "looker.googleapis.com", "google_memcache_instance": "memcache.googleapis.com", + "google_dataproc_metastore_federation": "metastore.googleapis.com", "google_dataproc_metastore_service": "metastore.googleapis.com", "google_migration_center_group": "migrationcenter.googleapis.com", "google_migration_center_preference_set": "migrationcenter.googleapis.com", @@ -323,13 +329,20 @@ var APIDefinition = map[string]string{ "google_network_connectivity_service_connection_policy": "networkconnectivity.googleapis.com", "google_network_management_connectivity_test_resource": "networkmanagement.googleapis.com", "google_network_security_address_group": "networksecurity.googleapis.com", + "google_network_security_firewall_endpoint": "networksecurity.googleapis.com", + "google_network_security_firewall_endpoint_association": "networksecurity.googleapis.com", "google_network_security_gateway_security_policy": "networksecurity.googleapis.com", "google_network_security_gateway_security_policy_rule": "networksecurity.googleapis.com", + "google_network_security_security_profile": "networksecurity.googleapis.com", + "google_network_security_security_profile_group": "networksecurity.googleapis.com", + "google_network_security_tls_inspection_policy": "networksecurity.googleapis.com", "google_network_security_url_lists": "networksecurity.googleapis.com", "google_network_services_edge_cache_keyset": "networkservices.googleapis.com", "google_network_services_edge_cache_origin": "networkservices.googleapis.com", "google_network_services_edge_cache_service": "networkservices.googleapis.com", "google_network_services_gateway": "networkservices.googleapis.com", + "google_network_services_lb_route_extension": "networkservices.googleapis.com", + "google_network_services_lb_traffic_extension": "networkservices.googleapis.com", "google_notebooks_environment": "notebooks.googleapis.com", "google_notebooks_instance": "notebooks.googleapis.com", "google_notebooks_location": "notebooks.googleapis.com", @@ -340,6 +353,7 @@ var APIDefinition = map[string]string{ "google_privateca_ca_pool": "privateca.googleapis.com", "google_privateca_certificate": "privateca.googleapis.com", "google_privateca_certificate_authority": "privateca.googleapis.com", + "google_privateca_certificate_template": "privateca.googleapis.com", "google_public_ca_external_account_key": "publicca.googleapis.com", "google_pubsub_schema": "pubsub.googleapis.com", "google_pubsub_subscription": "pubsub.googleapis.com", diff --git a/rules/magicmodules/google_compute_interconnect_invalid_interconnect_type.go b/rules/magicmodules/google_compute_interconnect_invalid_interconnect_type.go new file mode 100644 index 0000000..f57bd4d --- /dev/null +++ b/rules/magicmodules/google_compute_interconnect_invalid_interconnect_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeInterconnectInvalidInterconnectTypeRule checks the pattern is valid +type GoogleComputeInterconnectInvalidInterconnectTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeInterconnectInvalidInterconnectTypeRule returns new rule with default attributes +func NewGoogleComputeInterconnectInvalidInterconnectTypeRule() *GoogleComputeInterconnectInvalidInterconnectTypeRule { + return &GoogleComputeInterconnectInvalidInterconnectTypeRule{ + resourceType: "google_compute_interconnect", + attributeName: "interconnect_type", + } +} + +// Name returns the rule name +func (r *GoogleComputeInterconnectInvalidInterconnectTypeRule) Name() string { + return "google_compute_interconnect_invalid_interconnect_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeInterconnectInvalidInterconnectTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeInterconnectInvalidInterconnectTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeInterconnectInvalidInterconnectTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeInterconnectInvalidInterconnectTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"DEDICATED", "PARTNER", "IT_PRIVATE"}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_compute_interconnect_invalid_link_type.go b/rules/magicmodules/google_compute_interconnect_invalid_link_type.go new file mode 100644 index 0000000..eef89f7 --- /dev/null +++ b/rules/magicmodules/google_compute_interconnect_invalid_link_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeInterconnectInvalidLinkTypeRule checks the pattern is valid +type GoogleComputeInterconnectInvalidLinkTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeInterconnectInvalidLinkTypeRule returns new rule with default attributes +func NewGoogleComputeInterconnectInvalidLinkTypeRule() *GoogleComputeInterconnectInvalidLinkTypeRule { + return &GoogleComputeInterconnectInvalidLinkTypeRule{ + resourceType: "google_compute_interconnect", + attributeName: "link_type", + } +} + +// Name returns the rule name +func (r *GoogleComputeInterconnectInvalidLinkTypeRule) Name() string { + return "google_compute_interconnect_invalid_link_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeInterconnectInvalidLinkTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeInterconnectInvalidLinkTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeInterconnectInvalidLinkTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeInterconnectInvalidLinkTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"LINK_TYPE_ETHERNET_10G_LR", "LINK_TYPE_ETHERNET_100G_LR"}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_compute_interconnect_invalid_name.go b/rules/magicmodules/google_compute_interconnect_invalid_name.go new file mode 100644 index 0000000..69cea13 --- /dev/null +++ b/rules/magicmodules/google_compute_interconnect_invalid_name.go @@ -0,0 +1,90 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeInterconnectInvalidNameRule checks the pattern is valid +type GoogleComputeInterconnectInvalidNameRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeInterconnectInvalidNameRule returns new rule with default attributes +func NewGoogleComputeInterconnectInvalidNameRule() *GoogleComputeInterconnectInvalidNameRule { + return &GoogleComputeInterconnectInvalidNameRule{ + resourceType: "google_compute_interconnect", + attributeName: "name", + } +} + +// Name returns the rule name +func (r *GoogleComputeInterconnectInvalidNameRule) Name() string { + return "google_compute_interconnect_invalid_name" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeInterconnectInvalidNameRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeInterconnectInvalidNameRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeInterconnectInvalidNameRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeInterconnectInvalidNameRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validateRegexp(`^[a-z]([-a-z0-9]*[a-z0-9])?$`) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_compute_router_nat_invalid_auto_network_tier.go b/rules/magicmodules/google_compute_router_nat_invalid_auto_network_tier.go new file mode 100644 index 0000000..ab70e7d --- /dev/null +++ b/rules/magicmodules/google_compute_router_nat_invalid_auto_network_tier.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeRouterNatInvalidAutoNetworkTierRule checks the pattern is valid +type GoogleComputeRouterNatInvalidAutoNetworkTierRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeRouterNatInvalidAutoNetworkTierRule returns new rule with default attributes +func NewGoogleComputeRouterNatInvalidAutoNetworkTierRule() *GoogleComputeRouterNatInvalidAutoNetworkTierRule { + return &GoogleComputeRouterNatInvalidAutoNetworkTierRule{ + resourceType: "google_compute_router_nat", + attributeName: "auto_network_tier", + } +} + +// Name returns the rule name +func (r *GoogleComputeRouterNatInvalidAutoNetworkTierRule) Name() string { + return "google_compute_router_nat_invalid_auto_network_tier" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeRouterNatInvalidAutoNetworkTierRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeRouterNatInvalidAutoNetworkTierRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeRouterNatInvalidAutoNetworkTierRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeRouterNatInvalidAutoNetworkTierRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"PREMIUM", "STANDARD", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_looker_instance_invalid_name.go b/rules/magicmodules/google_looker_instance_invalid_name.go index d7cd30c..58ab9de 100644 --- a/rules/magicmodules/google_looker_instance_invalid_name.go +++ b/rules/magicmodules/google_looker_instance_invalid_name.go @@ -71,7 +71,7 @@ func (r *GoogleLookerInstanceInvalidNameRule) Check(runner tflint.Runner) error } err := runner.EvaluateExpr(attribute.Expr, func(val string) error { - validateFunc := validateRegexp(`^[a-z][a-z0-9-]{0,39}[a-z0-9]$`) + validateFunc := validateRegexp(`^[a-z][a-z0-9-]{0,61}[a-z0-9]$`) _, errors := validateFunc(val, r.attributeName) for _, err := range errors { diff --git a/rules/magicmodules/google_netapp_storage_pool_invalid_service_level.go b/rules/magicmodules/google_netapp_storage_pool_invalid_service_level.go index ff35006..9587aab 100644 --- a/rules/magicmodules/google_netapp_storage_pool_invalid_service_level.go +++ b/rules/magicmodules/google_netapp_storage_pool_invalid_service_level.go @@ -72,7 +72,7 @@ func (r *GoogleNetappStoragePoolInvalidServiceLevelRule) Check(runner tflint.Run } err := runner.EvaluateExpr(attribute.Expr, func(val string) error { - validateFunc := validation.StringInSlice([]string{"PREMIUM", "EXTREME", "STANDARD"}, false) + validateFunc := validation.StringInSlice([]string{"PREMIUM", "EXTREME", "STANDARD", "FLEX"}, false) _, errors := validateFunc(val, r.attributeName) for _, err := range errors { diff --git a/rules/magicmodules/google_network_security_security_profile_invalid_type.go b/rules/magicmodules/google_network_security_security_profile_invalid_type.go new file mode 100644 index 0000000..1b5c824 --- /dev/null +++ b/rules/magicmodules/google_network_security_security_profile_invalid_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleNetworkSecuritySecurityProfileInvalidTypeRule checks the pattern is valid +type GoogleNetworkSecuritySecurityProfileInvalidTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleNetworkSecuritySecurityProfileInvalidTypeRule returns new rule with default attributes +func NewGoogleNetworkSecuritySecurityProfileInvalidTypeRule() *GoogleNetworkSecuritySecurityProfileInvalidTypeRule { + return &GoogleNetworkSecuritySecurityProfileInvalidTypeRule{ + resourceType: "google_network_security_security_profile", + attributeName: "type", + } +} + +// Name returns the rule name +func (r *GoogleNetworkSecuritySecurityProfileInvalidTypeRule) Name() string { + return "google_network_security_security_profile_invalid_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleNetworkSecuritySecurityProfileInvalidTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleNetworkSecuritySecurityProfileInvalidTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleNetworkSecuritySecurityProfileInvalidTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleNetworkSecuritySecurityProfileInvalidTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"THREAT_PREVENTION"}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_min_tls_version.go b/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_min_tls_version.go new file mode 100644 index 0000000..e8007ec --- /dev/null +++ b/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_min_tls_version.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule checks the pattern is valid +type GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule returns new rule with default attributes +func NewGoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule() *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule { + return &GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule{ + resourceType: "google_network_security_tls_inspection_policy", + attributeName: "min_tls_version", + } +} + +// Name returns the rule name +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule) Name() string { + return "google_network_security_tls_inspection_policy_invalid_min_tls_version" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"TLS_VERSION_UNSPECIFIED", "TLS_1_0", "TLS_1_1", "TLS_1_2", "TLS_1_3", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_tls_feature_profile.go b/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_tls_feature_profile.go new file mode 100644 index 0000000..28909ca --- /dev/null +++ b/rules/magicmodules/google_network_security_tls_inspection_policy_invalid_tls_feature_profile.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule checks the pattern is valid +type GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule returns new rule with default attributes +func NewGoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule() *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule { + return &GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule{ + resourceType: "google_network_security_tls_inspection_policy", + attributeName: "tls_feature_profile", + } +} + +// Name returns the rule name +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule) Name() string { + return "google_network_security_tls_inspection_policy_invalid_tls_feature_profile" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"PROFILE_UNSPECIFIED", "PROFILE_COMPATIBLE", "PROFILE_MODERN", "PROFILE_RESTRICTED", "PROFILE_CUSTOM", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_network_services_lb_route_extension_invalid_load_balancing_scheme.go b/rules/magicmodules/google_network_services_lb_route_extension_invalid_load_balancing_scheme.go new file mode 100644 index 0000000..3286f81 --- /dev/null +++ b/rules/magicmodules/google_network_services_lb_route_extension_invalid_load_balancing_scheme.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule checks the pattern is valid +type GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule returns new rule with default attributes +func NewGoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule() *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule { + return &GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule{ + resourceType: "google_network_services_lb_route_extension", + attributeName: "load_balancing_scheme", + } +} + +// Name returns the rule name +func (r *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule) Name() string { + return "google_network_services_lb_route_extension_invalid_load_balancing_scheme" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"INTERNAL_MANAGED", "EXTERNAL_MANAGED"}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_network_services_lb_traffic_extension_invalid_load_balancing_scheme.go b/rules/magicmodules/google_network_services_lb_traffic_extension_invalid_load_balancing_scheme.go new file mode 100644 index 0000000..e9f0534 --- /dev/null +++ b/rules/magicmodules/google_network_services_lb_traffic_extension_invalid_load_balancing_scheme.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule checks the pattern is valid +type GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule returns new rule with default attributes +func NewGoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule() *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule { + return &GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule{ + resourceType: "google_network_services_lb_traffic_extension", + attributeName: "load_balancing_scheme", + } +} + +// Name returns the rule name +func (r *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule) Name() string { + return "google_network_services_lb_traffic_extension_invalid_load_balancing_scheme" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"INTERNAL_MANAGED", "EXTERNAL_MANAGED", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/provider.go b/rules/magicmodules/provider.go index 0a410e3..cacc558 100644 --- a/rules/magicmodules/provider.go +++ b/rules/magicmodules/provider.go @@ -96,6 +96,9 @@ var Rules = []tflint.Rule{ NewGoogleComputeInterconnectAttachmentInvalidNameRule(), NewGoogleComputeInterconnectAttachmentInvalidStackTypeRule(), NewGoogleComputeInterconnectAttachmentInvalidTypeRule(), + NewGoogleComputeInterconnectInvalidInterconnectTypeRule(), + NewGoogleComputeInterconnectInvalidLinkTypeRule(), + NewGoogleComputeInterconnectInvalidNameRule(), NewGoogleComputeManagedSslCertificateInvalidTypeRule(), NewGoogleComputeNetworkEndpointGroupInvalidNetworkEndpointTypeRule(), NewGoogleComputeNetworkInvalidNetworkFirewallPolicyEnforcementOrderRule(), @@ -111,6 +114,7 @@ var Rules = []tflint.Rule{ NewGoogleComputeRegionSslPolicyInvalidProfileRule(), NewGoogleComputeRegionTargetTcpProxyInvalidProxyHeaderRule(), NewGoogleComputeRouteInvalidNameRule(), + NewGoogleComputeRouterNatInvalidAutoNetworkTierRule(), NewGoogleComputeRouterNatInvalidNatIpAllocateOptionRule(), NewGoogleComputeRouterNatInvalidSourceSubnetworkIpRangesToNatRule(), NewGoogleComputeSslPolicyInvalidMinTlsVersionRule(), @@ -194,8 +198,13 @@ var Rules = []tflint.Rule{ NewGoogleNetworkConnectivityRegionalEndpointInvalidAccessTypeRule(), NewGoogleNetworkSecurityAddressGroupInvalidTypeRule(), NewGoogleNetworkSecurityGatewaySecurityPolicyRuleInvalidBasicProfileRule(), + NewGoogleNetworkSecuritySecurityProfileInvalidTypeRule(), + NewGoogleNetworkSecurityTlsInspectionPolicyInvalidMinTlsVersionRule(), + NewGoogleNetworkSecurityTlsInspectionPolicyInvalidTlsFeatureProfileRule(), NewGoogleNetworkServicesEdgeCacheOriginInvalidProtocolRule(), NewGoogleNetworkServicesGatewayInvalidTypeRule(), + NewGoogleNetworkServicesLbRouteExtensionInvalidLoadBalancingSchemeRule(), + NewGoogleNetworkServicesLbTrafficExtensionInvalidLoadBalancingSchemeRule(), NewGoogleNotebooksInstanceInvalidBootDiskTypeRule(), NewGoogleNotebooksInstanceInvalidDataDiskTypeRule(), NewGoogleNotebooksInstanceInvalidDiskEncryptionRule(), diff --git a/tools/magic-modules b/tools/magic-modules index 36c355b..89bb69f 160000 --- a/tools/magic-modules +++ b/tools/magic-modules @@ -1 +1 @@ -Subproject commit 36c355b68b7224e7980231a999cdad71efc158ba +Subproject commit 89bb69fb454f81108eae9747ffe90c024e58c9aa