From e43140a49166ba9f502c6412b03382fe837b79d6 Mon Sep 17 00:00:00 2001 From: James Woolfenden Date: Tue, 21 Nov 2023 23:08:26 +0000 Subject: [PATCH] cleanup --- go.mod | 41 ++++++++-------- go.sum | 94 +++++++++++++++++++------------------ src/aws.go | 23 ++++----- src/aws_datasource.go | 2 +- src/compare.go | 1 + src/credentials.go | 4 +- src/data.go | 3 ++ src/files.go | 12 ++--- src/files_datasource.go | 2 +- src/files_gcp.go | 4 +- src/files_gcp_datasource.go | 8 ++-- src/gcp.go | 4 +- src/gcp_datasource.go | 9 ++-- src/gcp_policy.go | 1 + src/gcp_test.go | 25 ++++++---- src/gitHub.go | 1 + src/policy.go | 7 ++- src/readme.go | 2 + src/scan.go | 7 +-- src/secrets.go | 2 + src/watch.go | 1 + 21 files changed, 140 insertions(+), 113 deletions(-) diff --git a/go.mod b/go.mod index a0f323dc..334b138a 100644 --- a/go.mod +++ b/go.mod @@ -4,10 +4,10 @@ go 1.21 require ( github.com/JamesWoolfenden/arn v0.2.5 - github.com/aws/aws-sdk-go v1.47.4 - github.com/aws/aws-sdk-go-v2 v1.22.1 - github.com/aws/aws-sdk-go-v2/config v1.22.1 - github.com/aws/aws-sdk-go-v2/service/iam v1.27.0 + github.com/aws/aws-sdk-go v1.48.2 + github.com/aws/aws-sdk-go-v2 v1.23.1 + github.com/aws/aws-sdk-go-v2/config v1.25.5 + github.com/aws/aws-sdk-go-v2/service/iam v1.27.3 github.com/go-git/go-git/v5 v5.10.0 github.com/google/go-github/v47 v47.1.0 github.com/hashicorp/go-version v1.6.0 @@ -16,10 +16,10 @@ require ( github.com/hashicorp/terraform-exec v0.19.0 github.com/rs/zerolog v1.31.0 github.com/urfave/cli/v2 v2.25.7 - golang.org/x/crypto v0.14.0 - golang.org/x/exp v0.0.0-20231006140011-7918f672742d - golang.org/x/net v0.17.0 - golang.org/x/oauth2 v0.13.0 + golang.org/x/crypto v0.15.0 + golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa + golang.org/x/net v0.18.0 + golang.org/x/oauth2 v0.14.0 ) require ( 
@@ -29,16 +29,17 @@ require ( github.com/acomagu/bufpipe v1.0.4 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.15.1 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.2 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.5.0 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.1 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.17.0 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.25.0 // indirect - github.com/aws/smithy-go v1.16.0 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.16.4 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.17.3 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.1 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.25.4 // indirect + github.com/aws/smithy-go v1.17.0 // indirect github.com/cloudflare/circl v1.3.6 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect 
@@ -49,7 +50,7 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/terraform-json v0.17.1 // indirect + github.com/hashicorp/terraform-json v0.18.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect @@ -66,7 +67,7 @@ require ( golang.org/x/mod v0.14.0 // indirect golang.org/x/sys v0.14.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/tools v0.14.0 // indirect + golang.org/x/tools v0.15.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect diff --git a/go.sum b/go.sum index 2ccab5ca..5fc3379a 100644 --- a/go.sum +++ b/go.sum 
@@ -17,34 +17,36 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/aws/aws-sdk-go v1.47.4 h1:IyhNbmPt+5ldi5HNzv7ZnXiqSglDMaJiZlzj4Yq3qnk= -github.com/aws/aws-sdk-go v1.47.4/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go-v2 v1.22.1 h1:sjnni/AuoTXxHitsIdT0FwmqUuNUuHtufcVDErVFT9U= -github.com/aws/aws-sdk-go-v2 v1.22.1/go.mod h1:Kd0OJtkW3Q0M0lUWGszapWjEvrXDzRW+D21JNsroB+c= -github.com/aws/aws-sdk-go-v2/config v1.22.1 h1:UrRYnF7mXCGuKmZWlczOXeH0WUbQpi/gseQIPtrhme8= -github.com/aws/aws-sdk-go-v2/config v1.22.1/go.mod h1:2eWgw5lps8fKI7LZVTrRTYP6HE6k/uEFUuTSHfXwqP0= -github.com/aws/aws-sdk-go-v2/credentials v1.15.1 h1:hmf6lAm9hk7uLCfapZn/jL05lm6Uwdbn1B0fgjyuf4M= -github.com/aws/aws-sdk-go-v2/credentials v1.15.1/go.mod h1:QTcHga3ZbQOneJuxmGBOCxiClxmp+TlvmjFexAnJ790= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.2 h1:gIeH4+o1MN/caGBWjoGQTUTIu94xD6fI5B2+TcwBf70= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.2/go.mod h1:wLyMIo/zPOhQhPXTddpfdkSleyigtFi8iMnC+2m/SK4= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.1 h1:fi1ga6WysOyYb5PAf3Exd6B5GiSNpnZim4h1rhlBqx0= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.1/go.mod h1:V5CY8wNurvPUibTi9mwqUqpiFZ5LnioKWIFUDtIzdI8= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.1 h1:ZpaV/j48RlPc4AmOZuPv22pJliXjXq8/reL63YzyFnw= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.1/go.mod h1:R8aXraabD2e3qv1csxM14/X9WF4wFMIY0kH4YEtYD5M= -github.com/aws/aws-sdk-go-v2/internal/ini v1.5.0 h1:DqOQvIfmGkXZUVJnl9VRk0AnxyS59tCtX9k1Pyss4Ak= -github.com/aws/aws-sdk-go-v2/internal/ini v1.5.0/go.mod 
h1:VV/Kbw9Mg1GWJOT9WK+oTL3cWZiXtapnNvDSRqTZLsg= -github.com/aws/aws-sdk-go-v2/service/iam v1.27.0 h1:Yho1UMoY/Gno30by4l7dXgIdr78t4OuIpw3VT1xz/zE= -github.com/aws/aws-sdk-go-v2/service/iam v1.27.0/go.mod h1:K+kpOBBIGJKPAVdyzzCRR6ssqxpVG6SioxWi2/uWctk= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.1 h1:2OXw3ppu1XsB6rqKEMV4tnecTjIY3PRV2U6IP6KPJQo= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.1/go.mod h1:FZB4AdakIqW/yERVdGJA6Z9jraax1beXfhBBnK2wwR8= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.0 h1:I/Oh3IxGPfHXiGnwM54TD6hNr/8TlUrBXAtTyGhR+zw= -github.com/aws/aws-sdk-go-v2/service/sso v1.17.0/go.mod h1:H6NCMvDBqA+CvIaXzaSqM6LWtzv9BzZrqBOqz+PzRF8= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.0 h1:irbXQkfVYIRaewYSXcu4yVk0m2T+JzZd0dkop7FjmO0= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.0/go.mod h1:4wPNCkM22+oRe71oydP66K50ojDUC33XutSMi2pEF/M= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.0 h1:sYIFy8tm1xQwRvVQ4CRuBGXKIg9sHNuG6+3UAQuoujk= -github.com/aws/aws-sdk-go-v2/service/sts v1.25.0/go.mod h1:S/LOQUeYDfJeJpFCIJDMjy7dwL4aA33HUdVi+i7uH8k= -github.com/aws/smithy-go v1.16.0 h1:gJZEH/Fqh+RsvlJ1Zt4tVAtV6bKkp3cC+R6FCZMNzik= -github.com/aws/smithy-go v1.16.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= +github.com/aws/aws-sdk-go v1.48.2 h1:Lf7+Y4WmHB0AQLRQZA46diSwDa+LWbwY6IGaYoCVtTc= +github.com/aws/aws-sdk-go v1.48.2/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go-v2 v1.23.1 h1:qXaFsOOMA+HsZtX8WoCa+gJnbyW7qyFFBlPqvTSzbaI= +github.com/aws/aws-sdk-go-v2 v1.23.1/go.mod h1:i1XDttT4rnf6vxc9AuskLc6s7XBee8rlLilKlc03uAA= +github.com/aws/aws-sdk-go-v2/config v1.25.5 h1:UGKm9hpQS2hoK8CEJ1BzAW8NbUpvwDJJ4lyqXSzu8bk= +github.com/aws/aws-sdk-go-v2/config v1.25.5/go.mod h1:Bf4gDvy4ZcFIK0rqDu1wp9wrubNba2DojiPB2rt6nvI= +github.com/aws/aws-sdk-go-v2/credentials v1.16.4 h1:i7UQYYDSJrtc30RSwJwfBKwLFNnBTiICqAJ0pPdum8E= +github.com/aws/aws-sdk-go-v2/credentials v1.16.4/go.mod 
h1:Kdh/okh+//vQ/AjEt81CjvkTo64+/zIE4OewP7RpfXk= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5 h1:KehRNiVzIfAcj6gw98zotVbb/K67taJE0fkfgM6vzqU= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.5/go.mod h1:VhnExhw6uXy9QzetvpXDolo1/hjhx4u9qukBGkuUwjs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4 h1:LAm3Ycm9HJfbSCd5I+wqC2S9Ej7FPrgr5CQoOljJZcE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.4/go.mod h1:xEhvbJcyUf/31yfGSQBe01fukXwXJ0gxDp7rLfymWE0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4 h1:4GV0kKZzUxiWxSVpn/9gwR0g21NF1Jsyduzo9rHgC/Q= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.4/go.mod h1:dYvTNAggxDZy6y1AF7YDwXsPuHFy/VNEpEI/2dWK9IU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 h1:uR9lXYjdPX0xY+NhvaJ4dD8rpSRz5VY81ccIIoNG+lw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1/go.mod h1:6fQQgfuGmw8Al/3M2IgIllycxV7ZW7WCdVSqfBeUiCY= +github.com/aws/aws-sdk-go-v2/service/iam v1.27.3 h1:rHgJTYLKwLcZ9/k8CVWJuhdApnb3cdjoQeLvKa6bAcU= +github.com/aws/aws-sdk-go-v2/service/iam v1.27.3/go.mod h1:LklzfZoa7bL/NdhOzoaRtqSLGhu5j+GqE/9WoOQGFKY= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 h1:rpkF4n0CyFcrJUG/rNNohoTmhtWlFTRI4BsZOh9PvLs= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1/go.mod h1:l9ymW25HOqymeU2m1gbUQ3rUIsTwKs8gYHXkqDQUhiI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4 h1:rdovz3rEu0vZKbzoMYPTehp0E8veoE9AyfzqCr5Eeao= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.4/go.mod h1:aYCGNjyUCUelhofxlZyj63srdxWUSsBSGg5l6MCuXuE= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.3 h1:CdsSOGlFF3Pn+koXOIpTtvX7st0IuGsZ8kJqcWMlX54= +github.com/aws/aws-sdk-go-v2/service/sso v1.17.3/go.mod h1:oA6VjNsLll2eVuUoF2D+CMyORgNzPEW/3PyUdq6WQjI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.1 h1:cbRqFTVnJV+KRpwFl76GJdIZJKKCdTPnjUZ7uWh3pIU= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.20.1/go.mod 
h1:hHL974p5auvXlZPIjJTblXJpbkfK4klBczlsEaMCGVY= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.4 h1:yEvZ4neOQ/KpUqyR+X0ycUTW/kVRNR4nDZ38wStHGAA= +github.com/aws/aws-sdk-go-v2/service/sts v1.25.4/go.mod h1:feTnm2Tk/pJxdX+eooEsxvlvTWBvDm6CasRZ+JOs2IY= +github.com/aws/smithy-go v1.17.0 h1:wWJD7LX6PBV6etBUwO0zElG0nWN9rUhp0WdYeHSHAaI= +github.com/aws/smithy-go v1.17.0/go.mod h1:NukqUGpCZIILqqiV0NIjeFh24kd/FAa4beRb6nbIUPE= github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg= @@ -96,8 +98,8 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-github/v47 v47.1.0 h1:Cacm/WxQBOa9lF0FT0EMjZ2BWMetQ1TQfyurn4yF1z8= github.com/google/go-github/v47 v47.1.0/go.mod h1:VPZBXNbFSJGjyjFRUKo9vZGawTajnWzC/YjGw/oFKi0= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= 
@@ -112,8 +114,8 @@ github.com/hashicorp/hcl/v2 v2.19.1 h1://i05Jqznmb2EXqa39Nsvyan2o5XyMowW5fnCKW5R github.com/hashicorp/hcl/v2 v2.19.1/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= github.com/hashicorp/terraform-exec v0.19.0 h1:FpqZ6n50Tk95mItTSS9BjeOVUb4eg81SpgVtZNNtFSM= github.com/hashicorp/terraform-exec v0.19.0/go.mod h1:tbxUpe3JKruE9Cuf65mycSIT8KiNPZ0FkuTE3H4urQg= -github.com/hashicorp/terraform-json v0.17.1 h1:eMfvh/uWggKmY7Pmb3T85u86E2EQg6EQHgyRwf3RkyA= -github.com/hashicorp/terraform-json v0.17.1/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= +github.com/hashicorp/terraform-json v0.18.0 h1:pCjgJEqqDESv4y0Tzdqfxr/edOIGkjs8keY42xfNBwU= +github.com/hashicorp/terraform-json v0.18.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= 
@@ -200,10 +202,10 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= +golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= 
@@ -220,17 +222,17 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= +golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= +golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= +golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod 
h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -261,8 +263,8 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= +golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 
@@ -278,8 +280,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= +golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/src/aws.go b/src/aws.go index e5c73b16..5ef3d000 100644 --- a/src/aws.go +++ b/src/aws.go 
@@ -200,12 +200,12 @@ func AwsLookup(name string) interface{} { "aws_dax_cluster": awsDaxCluster, "aws_dax_parameter_group": awsDaxParameterGroup, "aws_dax_subnet_group": awsDaxSubnetGroup, - "aws_db_cluster_snapshot": awsDbClusterSnapshot, - "aws_db_event_subscription": awsDbEventSubscription, - "aws_db_instance": awsDbInstance, - "aws_db_option_group": awsDbOptionGroup, - "aws_db_parameter_group": awsDbParameterGroup, - "aws_db_subnet_group": awsDbSubnetGroup, + "aws_db_cluster_snapshot": awsDBClusterSnapshot, + "aws_db_event_subscription": awsDBEventSubscription, + "aws_db_instance": awsDBInstance, + "aws_db_option_group": awsDBOptionGroup, + "aws_db_parameter_group": awsDBParameterGroup, + "aws_db_subnet_group": awsDBSubnetGroup, "aws_default_network_acl": awsDefaultNetworkACL, "aws_default_route_table": awsDefaultRouteTable, "aws_default_security_group": awsDefaultSecurityGroup, @@ -218,10 +218,10 @@ func AwsLookup(name string) interface{} { "aws_docdb_cluster": awsRdsCluster, "aws_docdb_cluster_instance": awsNeptuneClusterInstance, "aws_docdb_cluster_parameter_group": awsRdsClusterParameterGroup, - "aws_docdb_cluster_snapshot": awsDbClusterSnapshot, + "aws_docdb_cluster_snapshot": awsDBClusterSnapshot, "aws_docdb_event_subscription": awsNeptuneEventSubscription, "aws_docdb_global_cluster": awsRdsGlobalCluster, - "aws_docdb_subnet_group": awsDbSubnetGroup, + "aws_docdb_subnet_group": awsDBSubnetGroup, "aws_dx_gateway": awsDxGateway, "aws_dx_gateway_association": awsDxGatewayAssociation, "aws_dx_hosted_transit_virtual_interface_accepter": awsDxHostedTransitVirtualInterfaceAccepter, 
@@ -379,8 +379,8 @@ func AwsLookup(name string) interface{} { "aws_neptune_cluster_parameter_group": awsRdsClusterParameterGroup, "aws_neptune_cluster_snapshot": awsNeptuneClusterSnapshot, "aws_neptune_event_subscription": awsNeptuneEventSubscription, - "aws_neptune_parameter_group": awsDbParameterGroup, - "aws_neptune_subnet_group": awsDbSubnetGroup, + "aws_neptune_parameter_group": awsDBParameterGroup, + "aws_neptune_subnet_group": awsDBSubnetGroup, "aws_network_acl": awsNetworkACL, "aws_network_acl_rule": awsNetworkACLRule, "aws_network_interface": awsNetworkInterface, @@ -398,7 +398,7 @@ func AwsLookup(name string) interface{} { "aws_rds_cluster": awsRdsCluster, "aws_rds_cluster_activity_stream": awsRdsClusterActivityStream, "aws_rds_cluster_endpoint": awsRdsClusterEndpoint, - "aws_rds_cluster_instance": awsDbInstance, + "aws_rds_cluster_instance": awsDBInstance, "aws_rds_cluster_parameter_group": awsRdsClusterParameterGroup, "aws_rds_cluster_role_association": awsRdsClusterRoleAssociation, "aws_rds_global_cluster": awsRdsGlobalCluster, @@ -553,6 +553,7 @@ func Contains(s []string, e string) bool { func GetPermissionMap(raw []byte, attributes []string) ([]string, error) { var mappings []interface{} err := json.Unmarshal(raw, &mappings) + if err != nil { return nil, fmt.Errorf("failed to unmarshal json %w", err) } diff --git a/src/aws_datasource.go b/src/aws_datasource.go index f72fccdd..5c4243f5 100644 --- a/src/aws_datasource.go +++ b/src/aws_datasource.go @@ -128,7 +128,7 @@ func AwsDataLoookup(find string) interface{} { "aws_db_cluster_snapshot": dataAwsDBClusterSnapshot, "aws_db_event_categories": dataAwsDBEventCategories, "aws_db_instance": dataAwsDBInstance, - "aws_db_instances": dataAwsDbInstances, + "aws_db_instances": dataAwsDBInstances, "aws_db_proxy": placeholder, "aws_db_snapshot": dataAwsDBSnapshot, "aws_db_subnet_group": dataAwsDBSubnetGroup, diff --git a/src/compare.go b/src/compare.go index 99c1d85c..b4cd74e6 100644 --- a/src/compare.go 
+++ b/src/compare.go @@ -52,6 +52,7 @@ func Compare(directory string, arn string, init bool) (bool, error) { func CompareIAMPolicy(policy string, oldPolicy string) (bool, error) { differ := diff.New() compare, err := differ.Compare([]byte(policy), []byte(oldPolicy)) + if err != nil { return false, err } diff --git a/src/credentials.go b/src/credentials.go index 3aabc21b..6d68d95e 100644 --- a/src/credentials.go +++ b/src/credentials.go @@ -10,7 +10,7 @@ import ( "github.com/aws/aws-sdk-go/service/sts" ) -func getAWSCredentials(IAMRole string, region string) (*sts.AssumeRoleOutput, error) { +func getAWSCredentials(iamRole string, region string) (*sts.AssumeRoleOutput, error) { const waitForConsistency = 900 config := aws.NewConfig() @@ -23,7 +23,7 @@ func getAWSCredentials(IAMRole string, region string) (*sts.AssumeRoleOutput, er input := &sts.AssumeRoleInput{ ExternalId: aws.String("123ABC"), Policy: nil, - RoleArn: aws.String(IAMRole), + RoleArn: aws.String(iamRole), RoleSessionName: aws.String("testAssumeRoleSession"), DurationSeconds: &duration, Tags: []*sts.Tag{}, diff --git a/src/data.go b/src/data.go index c26b8885..d5dec067 100644 --- a/src/data.go +++ b/src/data.go @@ -29,6 +29,7 @@ func GetResources(file string, dirName string) ([]ResourceV2, error) { case "terraform": { Resources, _ = DetectBackend(resource, block, Resources) + continue } case "module": @@ -83,6 +84,7 @@ func DetectBackend(resource ResourceV2, block *hclsyntax.Block, resources []Reso resource.Provider = "aws" resource.Attributes = []string{"s3"} resources = append(resources, resource) + return resources, nil } } @@ -97,6 +99,7 @@ func DetectBackend(resource ResourceV2, block *hclsyntax.Block, resources []Reso func GetResourceBlocks(file string) (*hclsyntax.Body, error) { temp, _ := filepath.Abs(file) src, err := os.ReadFile(temp) + if err != nil { return nil, fmt.Errorf("failed to read file: %w", err) } diff --git a/src/files.go b/src/files.go index 2ac22879..4a9208a1 100644 
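Review bot: The `sts.AssumeRoleInput` in the context lines of the second hunk still passes the literal `ExternalId: aws.String("123ABC")` and the fixed `RoleSessionName: aws.String("testAssumeRoleSession")`; the rename to `iamRole` leaves both untouched. An external ID only guards against confused-deputy use when it is specific to the caller and matches the condition in the role's trust policy, and a constant session name makes audit-log entries from different runs indistinguishable. Consider passing both into `getAWSCredentials` (or reading them from configuration), and adding a doc comment such as `// getAWSCredentials assumes iamRole in region through STS and returns the AssumeRole output.` The function body continues outside the hunk.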
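Review bot: The `terraform` case in the first hunk drops the error from `Resources, _ = DetectBackend(resource, block, Resources)`, so a backend block that cannot be processed is skipped silently. The resource list that feeds the generated policy can then be incomplete without the caller being told. Capture the error and return it from `GetResources`, for example `Resources, err = DetectBackend(resource, block, Resources)` followed by `if err != nil { return nil, err }` (assuming `err` is in scope at that point). The third hunk has the same pattern in `temp, _ := filepath.Abs(file)` inside `GetResourceBlocks`. Both functions start and end outside their hunks.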
--- a/src/files.go +++ b/src/files.go @@ -182,13 +182,13 @@ var awsSnsTopicPolicy []byte var awsKeyPair []byte //go:embed mapping/aws/resource/rds/aws_db_instance.json -var awsDbInstance []byte +var awsDBInstance []byte //go:embed mapping/aws/resource/rds/aws_db_cluster_snapshot.json -var awsDbClusterSnapshot []byte +var awsDBClusterSnapshot []byte //go:embed mapping/aws/resource/rds/aws_db_event_subscription.json -var awsDbEventSubscription []byte +var awsDBEventSubscription []byte //go:embed mapping/aws/resource/ram/aws_ram_principal_association.json var awsRAMPrincipleAssociation []byte @@ -242,7 +242,7 @@ var awsDefaultRouteTable []byte var awsDefaultVpcDhcpOptions []byte //go:embed mapping/aws/resource/rds/aws_db_subnet_group.json -var awsDbSubnetGroup []byte +var awsDBSubnetGroup []byte //go:embed mapping/aws/resource/wafv2/aws_wafv2_web_acl.json var awsWafv2WebACL []byte @@ -368,10 +368,10 @@ var awsRouteTableAssociation []byte var awsNatGateway []byte //go:embed mapping/aws/resource/rds/aws_db_option_group.json -var awsDbOptionGroup []byte +var awsDBOptionGroup []byte //go:embed mapping/aws/resource/rds/aws_db_parameter_group.json -var awsDbParameterGroup []byte +var awsDBParameterGroup []byte //go:embed mapping/aws/resource/secretsmanager/aws_secretsmanager_secret.json var awsSecretsmanagerSecret []byte diff --git a/src/files_datasource.go b/src/files_datasource.go index 85f410f2..91f8e8ec 100644 --- a/src/files_datasource.go +++ b/src/files_datasource.go @@ -380,7 +380,7 @@ var dataAwsConnectInstanceStorageConfig []byte var dataAwsControltowerControls []byte //go:embed mapping/aws/data/rds/aws_db_instances.json -var dataAwsDbInstances []byte +var dataAwsDBInstances []byte //go:embed mapping/aws/data/directconnect/aws_dx_router_configuration.json var dataAwsDxRouterConfiguration []byte diff --git a/src/files_gcp.go b/src/files_gcp.go index 1308dc98..845e8d43 100644 --- a/src/files_gcp.go +++ b/src/files_gcp.go 
@@ -134,10 +134,10 @@ var googlekmsCryptoKeyIamPolicy []byte var googleDnsmanagedZone []byte //go:embed mapping/google/resource/dns/google_dns_policy.json -var googleDnsPolicy []byte +var googleDNSPolicy []byte //go:embed mapping/google/resource/dns/google_dns_record_set.json -var googleDnsRecordSet []byte +var googleDNSRecordSet []byte //go:embed mapping/google/resource/iam/google_service_account_iam_binding.json var googleServiceAccountIamBinding []byte diff --git a/src/files_gcp_datasource.go b/src/files_gcp_datasource.go index 7970bd7b..a5333a42 100644 --- a/src/files_gcp_datasource.go +++ b/src/files_gcp_datasource.go @@ -26,16 +26,16 @@ var dataGoogleKmsKeyRing []byte var dataGoogleKmsCryptoKey []byte //go:embed mapping/google/data/dns/google_dns_keys.json -var dataGoogleDnsKeys []byte +var dataGoogleDNSKeys []byte //go:embed mapping/google/data/dns/google_dns_managed_zone.json -var dataGoogleDnsManagedZone []byte +var dataGoogleDNSManagedZone []byte //go:embed mapping/google/data/dns/google_dns_managed_zone_iam_policy.json -var dataGoogleDnsManagedZoneIamPolicy []byte +var dataGoogleDNSManagedZoneIamPolicy []byte //go:embed mapping/google/data/dns/google_dns_record_set.json -var dataGoogleDnsRecordSet []byte +var dataGoogleDNSRecordSet []byte //go:embed mapping/google/data/artifactregistry/google_artifact_registry_repository.json var dataGoogleArtifactRegistryRepository []byte diff --git a/src/gcp.go b/src/gcp.go index dece8367..b5b0a0d1 100644 --- a/src/gcp.go +++ b/src/gcp.go 
@@ -77,8 +77,8 @@ func GCPLookup(result string) interface{} { "google_container_cluster": googleContainerCluster, "google_container_node_pool": googleContainerNodePool, "google_dns_managed_zone": googleDnsmanagedZone, - "google_dns_policy": googleDnsPolicy, - "google_dns_record_set": googleDnsRecordSet, + "google_dns_policy": googleDNSPolicy, + "google_dns_record_set": googleDNSRecordSet, "google_kms_crypto_key": googleKmsCryptoKey, "google_kms_crypto_key_iam_binding": googlekmsCryptoKeyIamBinding, "google_kms_crypto_key_iam_member": googlekmsCryptoKeyIamMember, diff --git a/src/gcp_datasource.go b/src/gcp_datasource.go index deda3aff..85aacc16 100644 --- a/src/gcp_datasource.go +++ b/src/gcp_datasource.go @@ -43,10 +43,10 @@ func GCPDataLookup(result string) interface{} { "google_compute_network": dataGoogleComputeNetwork, "google_compute_subnetwork": dataGoogleComputeSubnetwork, "google_compute_zones": dataGoogleComputeZones, - "google_dns_keys": dataGoogleDnsKeys, - "google_dns_managed_zone": dataGoogleDnsManagedZone, - "google_dns_managed_zone_iam_policy": dataGoogleDnsManagedZoneIamPolicy, - "google_dns_record_set": dataGoogleDnsRecordSet, + "google_dns_keys": dataGoogleDNSKeys, + "google_dns_managed_zone": dataGoogleDNSManagedZone, + "google_dns_managed_zone_iam_policy": dataGoogleDNSManagedZoneIamPolicy, + "google_dns_record_set": dataGoogleDNSRecordSet, "google_iam_policy": placeholder, "google_iam_role": placeholder, "google_kms_crypto_key": dataGoogleKmsCryptoKey, @@ -99,5 +99,6 @@ func GCPDataLookup(result string) interface{} { "google_service_account_key": dataGoogleServiceAccountKey, "google_redis_instance": dataGoogleRedisInstance, } + return TFLookup[result] } diff --git a/src/gcp_policy.go b/src/gcp_policy.go index 8d698e49..814db3f4 100644 --- a/src/gcp_policy.go +++ b/src/gcp_policy.go 
@@ -27,6 +27,7 @@ func GCPPolicy(permissions []string) (string, error) { var output bytes.Buffer tmpl, err := template.New("test").Parse(string(policyGCPTemplate)) + if err != nil { return "", fmt.Errorf("failed to parse template %w", err) } diff --git a/src/gcp_test.go b/src/gcp_test.go index ad7d0fe4..677a2f29 100644 --- a/src/gcp_test.go +++ b/src/gcp_test.go @@ -20,15 +20,21 @@ func TestGetGCPPermissions(t *testing.T) { want []string wantErr bool }{ - {name: "missing", args: args{result: pike.ResourceV2{TypeName: "bogus", Name: "bogus"}}, wantErr: true}, - {name: "notype", args: args{result: pike.ResourceV2{TypeName: "bogus", Name: "google_compute_instance", ResourceName: "pike", Provider: "azurerm", Attributes: []string{ - "name", - "machine_type", "zone", - }}}, wantErr: true}, - {name: "not implemented", args: args{result: pike.ResourceV2{TypeName: "data", Name: "google_compute_instance", ResourceName: "pike", Provider: "azurerm", Attributes: []string{ - "name", - "machine_type", "zone", - }}}, wantErr: true}, + {name: "missing", args: args{ + result: pike.ResourceV2{ + TypeName: "bogus", Name: "bogus"}}, wantErr: true}, + {name: "notype", args: args{ + result: pike.ResourceV2{ + TypeName: "bogus", Name: "google_compute_instance", ResourceName: "pike", Provider: "azurerm", Attributes: []string{ + "name", + "machine_type", "zone", + }}}, wantErr: true}, + {name: "not implemented", args: args{ + result: pike.ResourceV2{ + TypeName: "data", Name: "google_compute_instance", ResourceName: "pike", Provider: "azurerm", Attributes: []string{ + "name", + "machine_type", "zone", + }}}, wantErr: true}, { name: "resource", args: args{ @@ -59,6 +65,7 @@ func TestGetGCPPermissions(t *testing.T) { got, err := pike.GetGCPPermissions(tt.args.result) if (err != nil) != tt.wantErr { t.Errorf("GetGCPPermissions() error = %v, wantErr %v", err, tt.wantErr) + return } if !reflect.DeepEqual(got, tt.want) { diff --git a/src/gitHub.go b/src/gitHub.go index 74b2e591..538221be 100644 
--- a/src/gitHub.go +++ b/src/gitHub.go @@ -72,6 +72,7 @@ func InvokeGithubDispatchEvent(repository string, workflowFileName string, branc func VerifyBranch(client *github.Client, owner string, repo string, branch string) error { ctx := context.Background() branches, _, err := client.Repositories.ListBranches(ctx, owner, repo, nil) + if err != nil { return err } diff --git a/src/policy.go b/src/policy.go index 58f9ee6f..21a9c049 100644 --- a/src/policy.go +++ b/src/policy.go @@ -45,6 +45,7 @@ func NewAWSPolicy(actions []string, resources bool) (Policy, error) { for count, section := range sections { var myActions []string + myResource := []string{"*"} resource := "*" @@ -60,7 +61,7 @@ func NewAWSPolicy(actions []string, resources bool) (Policy, error) { return something, fmt.Errorf("failed to find any action") } - //todo expand with new plan function + // todo expand with new plan function if resources { myArn.Service = section myArn.Resource = &resource @@ -137,12 +138,13 @@ func GetPolicy(actions Sorted, resources bool) (OutputPolicy, error) { // dedupe AZUREPermissions := Unique(actions.AZURE) OutPolicy.AZURE, err = AZUREPolicy(AZUREPermissions) + if err != nil { log.Print(err) + continue } } - } if Empty { @@ -206,6 +208,7 @@ func Unique(s []string) []string { for _, str := range s { if _, ok := inResult[str]; !ok { inResult[str] = true + result = append(result, str) } } diff --git a/src/readme.go b/src/readme.go index 2a79bce0..1138dc2a 100644 --- a/src/readme.go +++ b/src/readme.go @@ -24,6 +24,7 @@ func Readme(dirName string, output string, init bool, autoAppend bool) error { } var markdown string + switch strings.ToLower(output) { case terraform: markdown = "\nThe Terraform resource required is:\n\n```golang\n" + OutPolicy.AsString(output) + "\n```\n" @@ -34,6 +35,7 @@ func Readme(dirName string, output string, init bool, autoAppend bool) error { } err := ReplaceSection(file, markdown, autoAppend) + log.Print("readme updated") return err 
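Review bot: In the AZURE branch of `GetPolicy` (third hunk), a failure from `AZUREPolicy` is only handed to `log.Print(err)` before `continue`. The caller can therefore receive an `OutputPolicy` with that provider's section missing and, as far as the hunk shows, no error. Since the output of this function is meant to be applied as a permission policy, a silently incomplete result should be surfaced: `return OutPolicy, fmt.Errorf("building azure policy: %w", err)`, or collect the per-provider errors and return them together after the loop. The rest of the function is outside the hunk, so the other provider branches may follow the same pattern.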
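Review bot: In the second hunk, `log.Print("readme updated")` runs before the result of `ReplaceSection(file, markdown, autoAppend)` is checked, so the log reports success even when `err` is non-nil. Check the error first with `if err != nil { return err }`, then log and `return nil`. The start of `Readme` is outside the hunk.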
diff --git a/src/scan.go b/src/scan.go index 14d0fa4b..3d256261 100644 --- a/src/scan.go +++ b/src/scan.go @@ -38,23 +38,24 @@ func Scan(dirName string, output string, file *string, init bool, write bool, en } // WriteOutput writes out the policy as json or terraform -func WriteOutput(OutPolicy OutputPolicy, output, location string) error { +func WriteOutput(outPolicy OutputPolicy, output, location string) error { newPath, _ := filepath.Abs(location + "/.pike") err := os.MkdirAll(newPath, os.ModePerm) + if err != nil { return err } var outFile string - d1 := []byte(OutPolicy.AsString(output)) + d1 := []byte(outPolicy.AsString(output)) switch strings.ToLower(output) { case terraform: outFile = newPath + "/pike.generated_policy.tf" - if OutPolicy.AWS.Terraform != "" { + if outPolicy.AWS.Terraform != "" { err = os.WriteFile(newPath+"/aws_iam_role.terraform_pike.tf", roleTemplate, 0o644) } diff --git a/src/secrets.go b/src/secrets.go index 88e518ad..e947ce21 100644 --- a/src/secrets.go +++ b/src/secrets.go @@ -161,11 +161,13 @@ func EncryptPlaintext(plaintext string, publicKeyB64 string) ([]byte, error) { var publicKeyBytes32 [32]byte copiedLen := copy(publicKeyBytes32[:], publicKeyBytes) + if copiedLen == 0 { return nil, fmt.Errorf("could not convert publicKey to bytes") } plaintextBytes := []byte(plaintext) + var encryptedBytes []byte cipherText, err := box.SealAnonymous(encryptedBytes, plaintextBytes, &publicKeyBytes32, nil) diff --git a/src/watch.go b/src/watch.go index 6fc1ca67..32614a03 100644 --- a/src/watch.go +++ b/src/watch.go @@ -104,6 +104,7 @@ func GetPolicyVersion(client *iam.Client, policyArn string, version string) (*st func SortActions(myPolicy string) (*string, error) { var raw map[string]interface{} err := json.Unmarshal([]byte(myPolicy), &raw) + if err != nil { return nil, err }
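Review bot: `WriteOutput` creates the `.pike` directory with `os.MkdirAll(newPath, os.ModePerm)`, which is mode 0777 before the umask is applied. The generated policy and role files written there are presumably applied later, so where the umask is permissive other local users could replace them; a tighter mode such as `os.MkdirAll(newPath, 0o750)` avoids that. The first line of the function also discards the error from `filepath.Abs(location + "/.pike")`; `filepath.Abs(filepath.Join(location, ".pike"))` with the error returned would be more robust. Whether the `err` assigned from the `os.WriteFile` call for `aws_iam_role.terraform_pike.tf` is checked cannot be seen, because the function continues past the hunk.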
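Review bot: In `EncryptPlaintext`, the guard after `copy(publicKeyBytes32[:], publicKeyBytes)` rejects only an empty key (`copiedLen == 0`). A decoded key shorter than 32 bytes is zero-padded and a longer one is truncated, and `box.SealAnonymous` then encrypts to a public key that nobody supplied. Validate the length before copying: `if len(publicKeyBytes) != 32 { return nil, fmt.Errorf("public key must be 32 bytes, got %d", len(publicKeyBytes)) }`. The decoding of `publicKeyB64` sits above the hunk, and the handling of the `SealAnonymous` error below it.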