mirror of
https://github.com/inspec/inspec
synced 2024-11-26 22:50:36 +00:00
Error handling for deprecated aws and azure resources
Signed-off-by: Nikita Mathur <nikita.mathur@chef.io>
This commit is contained in:
parent
438daafb4b
commit
7f4271e216
3 changed files with 73 additions and 13 deletions
|
@ -17,9 +17,14 @@
|
||||||
"prefix": "Inputs should be specified by using the 'inputs' key in profile metadata, not 'attributes'."
|
"prefix": "Inputs should be specified by using the 'inputs' key in profile metadata, not 'attributes'."
|
||||||
},
|
},
|
||||||
"aws_resources_in_resource_pack": {
|
"aws_resources_in_resource_pack": {
|
||||||
"comment": "See #3822",
|
"comment": "Deprecated in InSpec 5",
|
||||||
"action": "warn",
|
"action": "exit",
|
||||||
"prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
|
"prefix": "AWS resources shipped with core InSpec are deprecated and are part of resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
|
||||||
|
},
|
||||||
|
"azure_resources_in_resource_pack": {
|
||||||
|
"comment": "Deprecated in InSpec 5",
|
||||||
|
"action": "exit",
|
||||||
|
"prefix": "Azure resources shipped with core InSpec are deprecated and are part of resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-azure.git ."
|
||||||
},
|
},
|
||||||
"cli_option_json_config": {
|
"cli_option_json_config": {
|
||||||
"action": "ignore",
|
"action": "ignore",
|
||||||
|
@ -55,10 +60,6 @@
|
||||||
"action": "fail_control",
|
"action": "fail_control",
|
||||||
"suffix": "This property was removed in InSpec 4.0."
|
"suffix": "This property was removed in InSpec 4.0."
|
||||||
},
|
},
|
||||||
"properties_aws_iam_user": {
|
|
||||||
"action": "fail_control",
|
|
||||||
"suffix": "This property was removed in InSpec 4.0."
|
|
||||||
},
|
|
||||||
"properties_shadow": {
|
"properties_shadow": {
|
||||||
"action": "fail_control",
|
"action": "fail_control",
|
||||||
"suffix": "This property was removed in InSpec 4.0."
|
"suffix": "This property was removed in InSpec 4.0."
|
||||||
|
@ -72,10 +73,6 @@
|
||||||
"action": "exit",
|
"action": "exit",
|
||||||
"suffix": "This resource was removed in InSpec 4.0."
|
"suffix": "This resource was removed in InSpec 4.0."
|
||||||
},
|
},
|
||||||
"resource_azure_generic_resource": {
|
|
||||||
"action": "warn",
|
|
||||||
"prefix": "The azure_generic_resource is deprecated. Please use a specific resource. See: 'https://github.com/inspec/inspec/issues/3131'"
|
|
||||||
},
|
|
||||||
"resource_iis_website": {
|
"resource_iis_website": {
|
||||||
"action": "exit",
|
"action": "exit",
|
||||||
"suffix": "This resource was removed in InSpec 4.0.",
|
"suffix": "This resource was removed in InSpec 4.0.",
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
# copyright: 2015, Dominik Richter
|
# copyright: 2015, Dominik Richter
|
||||||
require "inspec/log"
|
require "inspec/log"
|
||||||
require "inspec/plugin/v2"
|
require "inspec/plugin/v2"
|
||||||
|
require "inspec/utils/deprecated_cloud_resources_list"
|
||||||
|
|
||||||
module Inspec::DSL
|
module Inspec::DSL
|
||||||
attr_accessor :backend
|
attr_accessor :backend
|
||||||
|
@ -38,8 +39,16 @@ module Inspec::DSL
|
||||||
|
|
||||||
begin
|
begin
|
||||||
require "inspec/resources/#{id}"
|
require "inspec/resources/#{id}"
|
||||||
rescue LoadError
|
rescue LoadError => e
|
||||||
require "resources/aws/#{id}"
|
include DeprecatedCloudResourcesList
|
||||||
|
cloud_resource = id.start_with?("aws_") ? "aws" : "azure"
|
||||||
|
|
||||||
|
# this check raises deprecation warning for aws and azure resources that were part of InSpec.
|
||||||
|
if CLOUD_RESOURCES_DEPRECATED.include? id
|
||||||
|
Inspec.deprecate(:"#{cloud_resource}_resources_in_resource_pack", "Resource '#{id}'")
|
||||||
|
else
|
||||||
|
raise LoadError, "#{e.message}"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
klass = Inspec::Resource.registry[id.to_s]
|
klass = Inspec::Resource.registry[id.to_s]
|
||||||
|
|
54
lib/inspec/utils/deprecated_cloud_resources_list.rb
Normal file
54
lib/inspec/utils/deprecated_cloud_resources_list.rb
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
module DeprecatedCloudResourcesList
|
||||||
|
CLOUD_RESOURCES_DEPRECATED = %i{
|
||||||
|
aws_billing_report
|
||||||
|
aws_billing_reports
|
||||||
|
aws_cloudtrail_trail
|
||||||
|
aws_cloudtrail_trails
|
||||||
|
aws_cloudwatch_alarm
|
||||||
|
aws_cloudwatch_log_metric_filter
|
||||||
|
aws_config_delivery_channel
|
||||||
|
aws_config_recorder
|
||||||
|
aws_ec2_instance
|
||||||
|
aws_ebs_volume
|
||||||
|
aws_ebs_volumes
|
||||||
|
aws_flow_log
|
||||||
|
aws_ec2_instances
|
||||||
|
aws_ecs_cluster
|
||||||
|
aws_eks_cluster
|
||||||
|
aws_elb
|
||||||
|
aws_elbs
|
||||||
|
aws_iam_access_key
|
||||||
|
aws_iam_access_keys
|
||||||
|
aws_iam_group
|
||||||
|
aws_iam_groups
|
||||||
|
aws_iam_password_policy
|
||||||
|
aws_iam_policies
|
||||||
|
aws_iam_policy
|
||||||
|
aws_iam_role
|
||||||
|
aws_iam_root_user
|
||||||
|
aws_iam_user
|
||||||
|
aws_iam_users
|
||||||
|
aws_kms_key
|
||||||
|
aws_kms_keys
|
||||||
|
aws_rds_instance
|
||||||
|
aws_route_table
|
||||||
|
aws_route_tables
|
||||||
|
aws_s3_bucket
|
||||||
|
aws_s3_bucket_object
|
||||||
|
aws_s3_buckets
|
||||||
|
aws_security_group
|
||||||
|
aws_security_groups
|
||||||
|
aws_sns_subscription
|
||||||
|
aws_sns_topic
|
||||||
|
aws_sns_topics
|
||||||
|
aws_sqs_queue
|
||||||
|
aws_subnet
|
||||||
|
aws_subnets
|
||||||
|
aws_vpc
|
||||||
|
aws_vpcs
|
||||||
|
azure_generic_resource
|
||||||
|
azure_resource_group
|
||||||
|
azure_virtual_machine
|
||||||
|
azure_virtual_machine_data_disk
|
||||||
|
}.freeze
|
||||||
|
end
|
Loading…
Reference in a new issue