diff --git a/rules/magicmodules/api_definition.go b/rules/magicmodules/api_definition.go index b40c989..882b9cd 100644 --- a/rules/magicmodules/api_definition.go +++ b/rules/magicmodules/api_definition.go @@ -56,6 +56,7 @@ var APIDefinition = map[string]string{ "google_apigee_keystores_aliases_self_signed_cert": "apigee.googleapis.com", "google_apigee_nat_address": "apigee.googleapis.com", "google_apigee_organization": "apigee.googleapis.com", + "google_apigee_security_profile_v2": "apigee.googleapis.com", "google_apigee_sync_authorization": "apigee.googleapis.com", "google_apigee_target_server": "apigee.googleapis.com", "google_apihub_api_hub_instance": "apihub.googleapis.com", @@ -99,6 +100,8 @@ var APIDefinition = map[string]string{ "google_bigquery_reservation_assignment": "bigqueryreservation.googleapis.com", "google_bigquery_routine": "bigquery.googleapis.com", "google_bigtable_app_profile": "bigtableadmin.googleapis.com", + "google_bigtable_logical_view": "bigtableadmin.googleapis.com", + "google_bigtable_materialized_view": "bigtableadmin.googleapis.com", "google_billing_budget": "billingbudgets.googleapis.com", "google_billing_project_info": "cloudbilling.googleapis.com", "google_binary_authorization_attestor": "binaryauthorization.googleapis.com", @@ -189,6 +192,8 @@ var APIDefinition = map[string]string{ "google_compute_region_network_firewall_policy_association": "compute.googleapis.com", "google_compute_region_network_firewall_policy_rule": "compute.googleapis.com", "google_compute_region_per_instance_config": "compute.googleapis.com", + "google_compute_region_security_policy": "compute.googleapis.com", + "google_compute_region_security_policy_rule": "compute.googleapis.com", "google_compute_region_ssl_certificate": "compute.googleapis.com", "google_compute_region_ssl_policy": "compute.googleapis.com", "google_compute_region_target_http_proxy": "compute.googleapis.com", @@ -198,6 +203,7 @@ var APIDefinition = map[string]string{ "google_compute_reservation": "compute.googleapis.com", "google_compute_resize_request": "compute.googleapis.com", "google_compute_resource_policy": "compute.googleapis.com", + "google_compute_resource_policy_attachment": "compute.googleapis.com", "google_compute_route": "compute.googleapis.com", "google_compute_router": "compute.googleapis.com", "google_compute_router_nat": "compute.googleapis.com", @@ -208,6 +214,7 @@ var APIDefinition = map[string]string{ "google_compute_snapshot": "compute.googleapis.com", "google_compute_ssl_certificate": "compute.googleapis.com", "google_compute_ssl_policy": "compute.googleapis.com", + "google_compute_storage_pool": "compute.googleapis.com", "google_compute_subnetwork": "compute.googleapis.com", "google_compute_target_grpc_proxy": "compute.googleapis.com", "google_compute_target_http_proxy": "compute.googleapis.com", @@ -310,7 +317,9 @@ var APIDefinition = map[string]string{ "google_gemini_release_channel_setting": "cloudaicompanion.googleapis.com", "google_gemini_release_channel_setting_binding": "cloudaicompanion.googleapis.com", "google_gemini_repository_group": "cloudaicompanion.googleapis.com", + "google_gke_backup_backup_channel": "gkebackup.googleapis.com", "google_gke_backup_backup_plan": "gkebackup.googleapis.com", + "google_gke_backup_restore_channel": "gkebackup.googleapis.com", "google_gke_backup_restore_plan": "gkebackup.googleapis.com", "google_gke_hub_feature": "gkehub.googleapis.com", "google_gke_hub_fleet": "gkehub.googleapis.com", @@ -452,6 +461,7 @@ var APIDefinition = map[string]string{ "google_organization_access_approval_settings": "accessapproval.googleapis.com", "google_os_config_patch_deployment": "osconfig.googleapis.com", "google_os_config_v2_policy_orchestrator": "osconfig.googleapis.com", + "google_os_config_v2_policy_orchestrator_for_folder": "osconfig.googleapis.com", "google_os_config_v2_policy_orchestrator_for_organization": "osconfig.googleapis.com", "google_os_login_ssh_public_key": "oslogin.googleapis.com", "google_parallelstore_instance": "parallelstore.googleapis.com", @@ -516,6 +526,7 @@ var APIDefinition = map[string]string{ "google_sql_database": "sqladmin.googleapis.com", "google_sql_source_representation_instance": "sqladmin.googleapis.com", "google_storage_anywhere_cache": "storage.googleapis.com", + "google_storage_batch_operations_job": "storagebatchoperations.googleapis.com", "google_storage_bucket_access_control": "storage.googleapis.com", "google_storage_control_folder_intelligence_config": "storage.googleapis.com", "google_storage_control_organization_intelligence_config": "storage.googleapis.com", diff --git a/rules/magicmodules/google_compute_region_security_policy_invalid_type.go b/rules/magicmodules/google_compute_region_security_policy_invalid_type.go new file mode 100644 index 0000000..7a03b20 --- /dev/null +++ b/rules/magicmodules/google_compute_region_security_policy_invalid_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeRegionSecurityPolicyInvalidTypeRule checks the pattern is valid +type GoogleComputeRegionSecurityPolicyInvalidTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeRegionSecurityPolicyInvalidTypeRule returns new rule with default attributes +func NewGoogleComputeRegionSecurityPolicyInvalidTypeRule() *GoogleComputeRegionSecurityPolicyInvalidTypeRule { + return &GoogleComputeRegionSecurityPolicyInvalidTypeRule{ + resourceType: "google_compute_region_security_policy", + attributeName: "type", + } +} + +// Name returns the rule name +func (r *GoogleComputeRegionSecurityPolicyInvalidTypeRule) Name() string { + return "google_compute_region_security_policy_invalid_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeRegionSecurityPolicyInvalidTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeRegionSecurityPolicyInvalidTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeRegionSecurityPolicyInvalidTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeRegionSecurityPolicyInvalidTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"CLOUD_ARMOR", "CLOUD_ARMOR_EDGE", "CLOUD_ARMOR_NETWORK", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_compute_storage_pool_invalid_capacity_provisioning_type.go b/rules/magicmodules/google_compute_storage_pool_invalid_capacity_provisioning_type.go new file mode 100644 index 0000000..1d44b04 --- /dev/null +++ b/rules/magicmodules/google_compute_storage_pool_invalid_capacity_provisioning_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule checks the pattern is valid +type GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule returns new rule with default attributes +func NewGoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule() *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule { + return &GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule{ + resourceType: "google_compute_storage_pool", + attributeName: "capacity_provisioning_type", + } +} + +// Name returns the rule name +func (r *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule) Name() string { + return "google_compute_storage_pool_invalid_capacity_provisioning_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"STANDARD", "ADVANCED", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_compute_storage_pool_invalid_performance_provisioning_type.go b/rules/magicmodules/google_compute_storage_pool_invalid_performance_provisioning_type.go new file mode 100644 index 0000000..bef9e41 --- /dev/null +++ b/rules/magicmodules/google_compute_storage_pool_invalid_performance_provisioning_type.go @@ -0,0 +1,91 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule checks the pattern is valid +type GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule returns new rule with default attributes +func NewGoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule() *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule { + return &GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule{ + resourceType: "google_compute_storage_pool", + attributeName: "performance_provisioning_type", + } +} + +// Name returns the rule name +func (r *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule) Name() string { + return "google_compute_storage_pool_invalid_performance_provisioning_type" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validation.StringInSlice([]string{"STANDARD", "ADVANCED", ""}, false) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/google_storage_batch_operations_job_invalid_job_id.go b/rules/magicmodules/google_storage_batch_operations_job_invalid_job_id.go new file mode 100644 index 0000000..0d87903 --- /dev/null +++ b/rules/magicmodules/google_storage_batch_operations_job_invalid_job_id.go @@ -0,0 +1,90 @@ +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: MMv1 *** +// +// ---------------------------------------------------------------------------- +// +// This file is automatically generated by Magic Modules and manual +// changes will be clobbered when the file is regenerated. +// +// Please read more about how to change this file in +// .github/CONTRIBUTING.md. +// +// ---------------------------------------------------------------------------- + +package magicmodules + +import ( + "github.com/terraform-linters/tflint-plugin-sdk/hclext" + "github.com/terraform-linters/tflint-plugin-sdk/tflint" +) + +// GoogleStorageBatchOperationsJobInvalidJobIdRule checks the pattern is valid +type GoogleStorageBatchOperationsJobInvalidJobIdRule struct { + tflint.DefaultRule + + resourceType string + attributeName string +} + +// NewGoogleStorageBatchOperationsJobInvalidJobIdRule returns new rule with default attributes +func NewGoogleStorageBatchOperationsJobInvalidJobIdRule() *GoogleStorageBatchOperationsJobInvalidJobIdRule { + return &GoogleStorageBatchOperationsJobInvalidJobIdRule{ + resourceType: "google_storage_batch_operations_job", + attributeName: "job_id", + } +} + +// Name returns the rule name +func (r *GoogleStorageBatchOperationsJobInvalidJobIdRule) Name() string { + return "google_storage_batch_operations_job_invalid_job_id" +} + +// Enabled returns whether the rule is enabled by default +func (r *GoogleStorageBatchOperationsJobInvalidJobIdRule) Enabled() bool { + return true +} + +// Severity returns the rule severity +func (r *GoogleStorageBatchOperationsJobInvalidJobIdRule) Severity() tflint.Severity { + return tflint.ERROR +} + +// Link returns the rule reference link +func (r *GoogleStorageBatchOperationsJobInvalidJobIdRule) Link() string { + return "" +} + +// Check checks the pattern is valid +func (r *GoogleStorageBatchOperationsJobInvalidJobIdRule) Check(runner tflint.Runner) error { + resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{ + Attributes: []hclext.AttributeSchema{{Name: r.attributeName}}, + }, nil) + if err != nil { + return err + } + + for _, resource := range resources.Blocks { + attribute, exists := resource.Body.Attributes[r.attributeName] + if !exists { + continue + } + + err := runner.EvaluateExpr(attribute.Expr, func(val string) error { + validateFunc := validateRegexp(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?.$`) + + _, errors := validateFunc(val, r.attributeName) + for _, err := range errors { + if err := runner.EmitIssue(r, err.Error(), attribute.Expr.Range()); err != nil { + return err + } + } + return nil + }, nil) + if err != nil { + return err + } + } + + return nil +} diff --git a/rules/magicmodules/provider.go b/rules/magicmodules/provider.go index bb8b4f4..463cc24 100644 --- a/rules/magicmodules/provider.go +++ b/rules/magicmodules/provider.go @@ -126,6 +126,7 @@ var Rules = []tflint.Rule{ NewGoogleComputeRegionCommitmentInvalidPlanRule(), NewGoogleComputeRegionNetworkEndpointGroupInvalidNetworkEndpointTypeRule(), NewGoogleComputeRegionNetworkFirewallPolicyRuleInvalidDirectionRule(), + NewGoogleComputeRegionSecurityPolicyInvalidTypeRule(), NewGoogleComputeRegionSslPolicyInvalidMinTlsVersionRule(), NewGoogleComputeRegionSslPolicyInvalidProfileRule(), NewGoogleComputeRegionTargetTcpProxyInvalidProxyHeaderRule(), @@ -137,6 +138,8 @@ var Rules = []tflint.Rule{ NewGoogleComputeRouterRoutePolicyInvalidTypeRule(), NewGoogleComputeSslPolicyInvalidMinTlsVersionRule(), NewGoogleComputeSslPolicyInvalidProfileRule(), + NewGoogleComputeStoragePoolInvalidCapacityProvisioningTypeRule(), + NewGoogleComputeStoragePoolInvalidPerformanceProvisioningTypeRule(), NewGoogleComputeSubnetworkInvalidIpv6AccessTypeRule(), NewGoogleComputeSubnetworkInvalidRoleRule(), NewGoogleComputeSubnetworkInvalidStackTypeRule(), @@ -290,6 +293,7 @@ var Rules = []tflint.Rule{ NewGoogleSpannerInstanceInvalidNameRule(), NewGoogleSpannerInstancePartitionInvalidNameRule(), NewGoogleStorageAnywhereCacheInvalidAdmissionPolicyRule(), + NewGoogleStorageBatchOperationsJobInvalidJobIdRule(), NewGoogleStorageBucketAccessControlInvalidRoleRule(), NewGoogleStorageDefaultObjectAccessControlInvalidRoleRule(), NewGoogleStorageHmacKeyInvalidStateRule(), diff --git a/tools/magic-modules b/tools/magic-modules index b863028..1a14172 160000 --- a/tools/magic-modules +++ b/tools/magic-modules @@ -1 +1 @@ -Subproject commit b863028ebb63b8de85d0607c73d3814d0a2bf1c3 +Subproject commit 1a1417252aa0ff2b71089fe90b426606e4f42158