Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Linter for calling d.SetId("") in resource Create, Delete or Update functions #18390

Closed
2 of 3 tasks
ewbankkit opened this issue Mar 24, 2021 · 2 comments · Fixed by #24509
Closed
2 of 3 tasks

Add Linter for calling d.SetId("") in resource Create, Delete or Update functions #18390

ewbankkit opened this issue Mar 24, 2021 · 2 comments · Fixed by #24509
Labels
linter Pertains to changes to or issues with the various linters. technical-debt Addresses areas of the codebase that need refactoring or redesign.
Milestone
v4.16.0

Comments

@ewbankkit
Copy link
Contributor

ewbankkit commented Mar 24, 2021
edited by gdavison
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Our resource lifecycle guidelines state that d.SetId("") should only be called in a resource Read function.
Add a linter to warn if d.SetId("") is called in a resource Create, Update or Delete function and correct all failing cases.
For Create and Update, return any underling error (with context if necessary). For Delete, return nil.

Suggested Semgrep Rule

  - id: calling-SetId-with-empty-string-in-resource-create-update-or-delete
    languages: [go]
    message: Do not call `d.SetId("")` inside a resource create, update or delete function
    paths:
      include:
        - aws/
    patterns:
      - pattern: |
          func $FUNC(...) {
            ...
            d.SetId("")
          }
      - metavariable-regex:
          metavariable: "$FUNC"
          regex: "^resourceAws\\w*(Create|Update|Delete)$"
    severity: WARNING
Current Report
aws/resource_aws_api_gateway_vpc_link.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
131:func resourceAwsApiGatewayVpcLinkUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_appsync_function.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
146:func resourceAwsAppsyncFunctionUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_cloudformation_stack.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
120:func resourceAwsCloudFormationStackCreate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_cloudwatch_event_permission.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
207:func resourceAwsCloudWatchEventPermissionUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_config_configuration_aggregator.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
202:func resourceAwsConfigConfigurationAggregatorDelete(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_default_security_group.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
313:func resourceAwsDefaultSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_docdb_cluster_parameter_group.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
183:func resourceAwsDocDBClusterParameterGroupUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_ec2_fleet.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
338:func resourceAwsEc2FleetCreate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_iam_role.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
298:func resourceAwsIamRoleUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_iam_user.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
141:func resourceAwsIamUserUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_iam_user_ssh_key.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
124:func resourceAwsIamUserSshKeyUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_kinesis_video_stream.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
178:func resourceAwsKinesisVideoStreamUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_media_convert_queue.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
169:func resourceAwsMediaConvertQueueUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_neptune_event_subscription.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
319:func resourceAwsNeptuneEventSubscriptionDelete(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_proxy_protocol_policy.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
98:func resourceAwsProxyProtocolPolicyUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_quicksight_group.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
125:func resourceAwsQuickSightGroupUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_quicksight_user.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
167:func resourceAwsQuickSightUserUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_ram_resource_share.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
132:func resourceAwsRamResourceShareUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_redshift_snapshot_schedule.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
141:func resourceAwsRedshiftSnapshotScheduleUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_redshift_snapshot_schedule_association.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
117:func resourceAwsRedshiftSnapshotScheduleAssociationDelete(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_s3_bucket_public_access_block.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
155:func resourceAwsS3BucketPublicAccessBlockUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_security_group.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
404:func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_sns_topic_subscription.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
271:func resourceAwsSnsTopicSubscriptionDelete(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_spot_fleet_request.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
923:func resourceAwsSpotFleetRequestCreate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_ssm_maintenance_window.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
144:func resourceAwsSsmMaintenanceWindowUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_ssm_maintenance_window_task.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
737:func resourceAwsSsmMaintenanceWindowTaskUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_transfer_user.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
185:func resourceAwsTransferUserUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_vpc_peering_connection.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
191:func resourceAwsVPCPeeringUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_geo_match_set.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
98:func resourceAwsWafRegionalGeoMatchSetUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_rate_based_rule.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
171:func resourceAwsWafRegionalRateBasedRuleUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_regex_match_set.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
117:func resourceAwsWafRegionalRegexMatchSetUpdate(d *schema.ResourceData, meta interface{}) error {
140:func resourceAwsWafRegionalRegexMatchSetDelete(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_regex_pattern_set.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
87:func resourceAwsWafRegionalRegexPatternSetUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_size_constraint_set.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
78:func resourceAwsWafRegionalSizeConstraintSetUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_wafregional_sql_injection_match_set.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
117:func resourceAwsWafRegionalSqlInjectionMatchSetUpdate(d *schema.ResourceData, meta interface{}) error {

aws/resource_aws_worklink_fleet.go
severity:warning rule:calling-SetId-with-empty-string-in-resource-create-update-or-delete: Do not call `d.SetId("")` inside a resource create, update or delete function
224:func resourceAwsWorkLinkFleetUpdate(d *schema.ResourceData, meta interface{}) error {

Definition Of Done

  • New rule(s) added to .semgrep.yml
  • All failing cases corrected
  • Contributor documentation updated - calling d.SetId("") in resource Update not currently noted
Bonus Points
  • Add a rule to ensure that resource Create function names match the pattern ^resourceAws\\w*Create$" and similar for Update and Delete
@ewbankkit ewbankkit added linter Pertains to changes to or issues with the various linters. technical-debt Addresses areas of the codebase that need refactoring or redesign. labels Mar 24, 2021
@ewbankkit ewbankkit mentioned this issue Mar 24, 2021
Merged
@ewbankkit ewbankkit changed the title Add Linter for calling d.SetId("") outside resource Read function Add Linter for calling d.SetId("") in resource Create or Delete functions Jan 18, 2022
@ewbankkit ewbankkit changed the title Add Linter for calling d.SetId("") in resource Create or Delete functions Add Linter for calling d.SetId("") in resource Create, Delete or Update functions Jan 18, 2022
@ewbankkit ewbankkit mentioned this issue May 3, 2022
Merged
@github-actions github-actions bot added this to the v4.16.0 milestone May 23, 2022
@github-actions
Copy link

This functionality has been released in v4.16.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
linter Pertains to changes to or issues with the various linters. technical-debt Addresses areas of the codebase that need refactoring or redesign.
Projects
None yet
Milestone
v4.16.0
Development

Successfully merging a pull request may close this issue.

Adds check for d.SetId("") in resource Update functions hashicorp/terraform-provider-aws
1 participant
@ewbankkit