Error handling for deprecated aws and azure resources

Signed-off-by: Nikita Mathur <nikita.mathur@chef.io>
This commit is contained in:
Nikita Mathur 2022-03-10 15:50:56 +05:30
parent 438daafb4b
commit 7f4271e216
3 changed files with 73 additions and 13 deletions

View file

@ -17,9 +17,14 @@
"prefix": "Inputs should be specified by using the 'inputs' key in profile metadata, not 'attributes'." "prefix": "Inputs should be specified by using the 'inputs' key in profile metadata, not 'attributes'."
}, },
"aws_resources_in_resource_pack": { "aws_resources_in_resource_pack": {
"comment": "See #3822", "comment": "Deprecated in InSpec 5",
"action": "warn", "action": "exit",
"prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ." "prefix": "AWS resources shipped with core InSpec are deprecated and are part of resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
},
"azure_resources_in_resource_pack": {
"comment": "Deprecated in InSpec 5",
"action": "exit",
"prefix": "Azure resources shipped with core InSpec are deprecated and are part of resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-azure.git ."
}, },
"cli_option_json_config": { "cli_option_json_config": {
"action": "ignore", "action": "ignore",
@ -55,10 +60,6 @@
"action": "fail_control", "action": "fail_control",
"suffix": "This property was removed in InSpec 4.0." "suffix": "This property was removed in InSpec 4.0."
}, },
"properties_aws_iam_user": {
"action": "fail_control",
"suffix": "This property was removed in InSpec 4.0."
},
"properties_shadow": { "properties_shadow": {
"action": "fail_control", "action": "fail_control",
"suffix": "This property was removed in InSpec 4.0." "suffix": "This property was removed in InSpec 4.0."
@ -72,10 +73,6 @@
"action": "exit", "action": "exit",
"suffix": "This resource was removed in InSpec 4.0." "suffix": "This resource was removed in InSpec 4.0."
}, },
"resource_azure_generic_resource": {
"action": "warn",
"prefix": "The azure_generic_resource is deprecated. Please use a specific resource. See: 'https://github.com/inspec/inspec/issues/3131'"
},
"resource_iis_website": { "resource_iis_website": {
"action": "exit", "action": "exit",
"suffix": "This resource was removed in InSpec 4.0.", "suffix": "This resource was removed in InSpec 4.0.",

View file

@ -1,6 +1,7 @@
# copyright: 2015, Dominik Richter # copyright: 2015, Dominik Richter
require "inspec/log" require "inspec/log"
require "inspec/plugin/v2" require "inspec/plugin/v2"
require "inspec/utils/deprecated_cloud_resources_list"
module Inspec::DSL module Inspec::DSL
attr_accessor :backend attr_accessor :backend
@ -38,8 +39,16 @@ module Inspec::DSL
begin begin
require "inspec/resources/#{id}" require "inspec/resources/#{id}"
rescue LoadError rescue LoadError => e
require "resources/aws/#{id}" include DeprecatedCloudResourcesList
cloud_resource = id.start_with?("aws_") ? "aws" : "azure"
# this check raises deprecation warning for aws and azure resources that were part of InSpec.
if CLOUD_RESOURCES_DEPRECATED.include? id
Inspec.deprecate(:"#{cloud_resource}_resources_in_resource_pack", "Resource '#{id}'")
else
raise LoadError, "#{e.message}"
end
end end
klass = Inspec::Resource.registry[id.to_s] klass = Inspec::Resource.registry[id.to_s]

View file

@ -0,0 +1,54 @@
module DeprecatedCloudResourcesList
CLOUD_RESOURCES_DEPRECATED = %i{
aws_billing_report
aws_billing_reports
aws_cloudtrail_trail
aws_cloudtrail_trails
aws_cloudwatch_alarm
aws_cloudwatch_log_metric_filter
aws_config_delivery_channel
aws_config_recorder
aws_ec2_instance
aws_ebs_volume
aws_ebs_volumes
aws_flow_log
aws_ec2_instances
aws_ecs_cluster
aws_eks_cluster
aws_elb
aws_elbs
aws_iam_access_key
aws_iam_access_keys
aws_iam_group
aws_iam_groups
aws_iam_password_policy
aws_iam_policies
aws_iam_policy
aws_iam_role
aws_iam_root_user
aws_iam_user
aws_iam_users
aws_kms_key
aws_kms_keys
aws_rds_instance
aws_route_table
aws_route_tables
aws_s3_bucket
aws_s3_bucket_object
aws_s3_buckets
aws_security_group
aws_security_groups
aws_sns_subscription
aws_sns_topic
aws_sns_topics
aws_sqs_queue
aws_subnet
aws_subnets
aws_vpc
aws_vpcs
azure_generic_resource
azure_resource_group
azure_virtual_machine
azure_virtual_machine_data_disk
}.freeze
end