2017-12-04 18:32:13 +00:00
module AwsResourceMixin
def initialize ( resource_params = { } )
2019-05-18 03:15:21 +00:00
Inspec . deprecate ( :aws_resources_in_resource_pack ,
2019-11-07 23:17:22 +00:00
" Resource ' #{ @__resource_name__ || = self . class . to_s } ' " )
2017-12-04 18:32:13 +00:00
validate_params ( resource_params ) . each do | param , value |
instance_variable_set ( :" @ #{ param } " , value )
end
2018-02-14 19:15:20 +00:00
catch_aws_errors do
fetch_from_api
end
2018-02-17 15:50:35 +00:00
rescue ArgumentError = > e
# continue with ArgumentError if testing
raise unless respond_to? ( :inspec )
2019-07-09 00:20:30 +00:00
2018-02-17 15:50:35 +00:00
raise Inspec :: Exceptions :: ResourceFailed , e . message
2018-02-08 04:26:37 +00:00
end
# Default implementation of validate params accepts everything.
def validate_params ( resource_params )
resource_params
2017-12-04 18:32:13 +00:00
end
def check_resource_param_names ( raw_params : { } , allowed_params : [ ] , allowed_scalar_name : nil , allowed_scalar_type : nil )
# Some resources allow passing in a single ID value. Check and convert to hash if so.
if allowed_scalar_name && ! raw_params . is_a? ( Hash )
value_seen = raw_params
if value_seen . is_a? ( allowed_scalar_type )
raw_params = { allowed_scalar_name = > value_seen }
else
2019-06-11 22:24:35 +00:00
raise ArgumentError , " If you pass a single value to the resource, it must " \
2017-12-04 18:32:13 +00:00
" be a #{ allowed_scalar_type } , not an #{ value_seen . class } . "
end
end
# Remove all expected params from the raw param hash
recognized_params = { }
allowed_params . each do | expected_param |
recognized_params [ expected_param ] = raw_params . delete ( expected_param ) if raw_params . key? ( expected_param )
end
# Any leftovers are unwelcome
unless raw_params . empty?
2019-07-09 00:20:30 +00:00
raise ArgumentError , " Unrecognized resource param ' #{ raw_params . keys . first } '. Expected parameters: #{ allowed_params . join ( " , " ) } "
2017-12-04 18:32:13 +00:00
end
recognized_params
end
2018-02-08 04:26:37 +00:00
def inspec_runner
# When running under inspec-cli, we have an 'inspec' method that
# returns the runner. When running under unit tests, we don't
# have that, but we still have to call this to pass something
# (nil is OK) to the backend.
# TODO: remove with https://github.com/chef/inspec-aws/issues/216
inspec if respond_to? ( :inspec )
2017-12-04 18:32:13 +00:00
end
2018-02-14 19:15:20 +00:00
# Intercept AWS exceptions
def catch_aws_errors
yield
rescue Aws :: Errors :: MissingCredentialsError
# The AWS error here is unhelpful:
# "unable to sign request without credentials set"
Inspec :: Log . error " It appears that you have not set your AWS credentials. You may set them using environment variables, or using the 'aws://region/aws_credentials_profile' target. See https://www.inspec.io/docs/reference/platforms for details. "
2019-06-11 22:24:35 +00:00
fail_resource ( " No AWS credentials available " )
2018-02-14 19:15:20 +00:00
rescue Aws :: Errors :: ServiceError = > e
fail_resource e . message
end
2017-12-04 18:32:13 +00:00
end