"Fossies" - the Fresh Open Source Software Archive

Member "cli-1.1280.1/src/lib/iac/service-mappings.ts" (20 Feb 2024, 7330 Bytes) of package /linux/misc/snyk-cli-1.1280.1.tar.gz:



    1 import { CustomError } from '../errors';
    2 import { IaCErrorCodes } from '../../cli/commands/test/iac/local-execution/types';
    3 import { getErrorStringCode } from '../../cli/commands/test/iac/local-execution/error-utils';
    4 
    5 export const services2resources = new Map<string, Array<string>>([
    6   // Amazon
    7   [
    8     'aws_s3',
    9     [
   10       'aws_s3_bucket',
   11       'aws_s3_bucket_analytics_configuration',
   12       'aws_s3_bucket_inventory',
   13       'aws_s3_bucket_metric',
   14       'aws_s3_bucket_notification',
   15       'aws_s3_bucket_policy',
   16     ],
   17   ],
   18   [
   19     'aws_ec2',
   20     [
   21       'aws_instance',
   22       'aws_key_pair',
   23       'aws_ami',
   24       'aws_ebs_snapshot',
   25       'aws_ebs_volume',
   26       'aws_eip',
   27       'aws_eip_association',
   28       'aws_volume_attachment',
   29       'aws_launch_configuration',
   30       'aws_launch_template',
   31     ],
   32   ],
   33   ['aws_lambda', ['aws_lambda_function', 'aws_lambda_event_source_mapping']],
   34   [
   35     'aws_rds',
   36     [
   37       'aws_db_instance',
   38       'aws_db_subnet_group',
   39       'aws_rds_cluster',
   40       'aws_rds_cluster_endpoint',
   41       'aws_rds_cluster_instance',
   42     ],
   43   ],
   44   ['aws_route53', ['aws_route53_record', 'aws_route53_zone']],
   45   [
   46     'aws_iam',
   47     [
   48       'aws_iam_access_key',
   49       'aws_iam_policy',
   50       'aws_iam_policy_attachment',
   51       'aws_iam_role',
   52       'aws_iam_role_policy',
   53       'aws_iam_role_policy_attachment',
   54       'aws_iam_user',
   55       'aws_iam_user_policy',
   56       'aws_iam_user_policy_attachment',
   57     ],
   58   ],
   59   [
   60     'aws_vpc',
   61     [
   62       'aws_security_group',
   63       'aws_security_group_rule',
   64       'aws_subnet',
   65       'aws_default_vpc',
   66       'aws_vpc',
   67       'aws_default_security_group',
   68       'aws_route_table',
   69       'aws_default_route_table',
   70       'aws_route',
   71       'aws_route_table_association',
   72       'aws_nat_gateway',
   73       'aws_internet_gateway',
   74     ],
   75   ],
   76   [
   77     'aws_api_gateway',
   78     [
   79       'aws_api_gateway_resource',
   80       'aws_api_gateway_rest_api',
   81       'aws_api_gateway_account',
   82       'aws_api_gateway_api_key',
   83       'aws_api_gateway_authorizer',
   84       'aws_api_gateway_base_path_mapping',
   85       'aws_api_gateway_domain_name',
   86       'aws_api_gateway_gateway_response',
   87       'aws_api_gateway_integration',
   88       'aws_api_gateway_integration_response',
   89       'aws_api_gateway_method',
   90       'aws_api_gateway_method_response',
   91       'aws_api_gateway_method_settings',
   92       'aws_api_gateway_model',
   93       'aws_api_gateway_request_validator',
   94       'aws_api_gateway_rest_api_policy',
   95       'aws_api_gateway_stage',
   96       'aws_api_gateway_vpc_link',
   97     ],
   98   ],
   99   [
  100     'aws_apigatewayv2',
  101     [
  102       'aws_apigatewayv2_api',
  103       'aws_apigatewayv2_api_mapping',
  104       'aws_apigatewayv2_authorizer',
  105       'aws_apigatewayv2_deployment',
  106       'aws_apigatewayv2_domain_name',
  107       'aws_apigatewayv2_integration',
  108       'aws_apigatewayv2_integration_response',
  109       'aws_apigatewayv2_model',
  110       'aws_apigatewayv2_route',
  111       'aws_apigatewayv2_route_response',
  112       'aws_apigatewayv2_stage',
  113       'aws_apigatewayv2_vpc_link',
  114     ],
  115   ],
  116   ['aws_sqs', ['aws_sqs_queue', 'aws_sqs_queue_policy']],
  117   [
  118     'aws_sns',
  119     ['aws_sns_topic', 'aws_sns_topic_policy', 'aws_sns_topic_subscription'],
  120   ],
  121   ['aws_ecr', ['aws_ecr_repository']],
  122   ['aws_cloudfront', ['aws_cloudfront_distribution']],
  123   ['aws_kms', ['aws_kms_key', 'aws_kms_alias']],
  124   ['aws_dynamodb', ['aws_dynamodb_table']],
  125   // Azure
  126   ['azure_base', ['azurerm_resource_group']],
  127   ['azure_compute', ['azurerm_image', 'azurerm_ssh_public_key']],
  128   ['azure_storage', ['azurerm_storage_account', 'azurerm_storage_container']],
  129   [
  130     'azure_network',
  131     [
  132       'azurerm_resource_group',
  133       'azurerm_subnet',
  134       'azurerm_public_ip',
  135       'azurerm_firewall',
  136       'azurerm_route',
  137       'azurerm_route_table',
  138       'azurerm_network_security_group',
  139     ],
  140   ],
  141   ['azure_container', ['azurerm_container_registry']],
  142   [
  143     'azure_database',
  144     ['azurerm_postgresql_server', 'azurerm_postgresql_database'],
  145   ],
  146   ['azure_loadbalancer', ['azurerm_lb', 'azurerm_lb_rule']],
  147   [
  148     'azure_private_dns',
  149     [
  150       'azurerm_private_dns_a_record',
  151       'azurerm_private_dns_aaaa_record',
  152       'azurerm_private_dns_cname_record',
  153       'azurerm_private_dns_mx_record',
  154       'azurerm_private_dns_ptr_record',
  155       'azurerm_private_dns_srv_record',
  156       'azurerm_private_dns_txt_record',
  157       'azurerm_private_dns_zone',
  158     ],
  159   ],
  160 
  161   // Google
  162   [
  163     'google_cloud_platform',
  164     [
  165       'google_project_iam_binding',
  166       'google_project_iam_member',
  167       'google_project_iam_policy',
  168     ],
  169   ],
  170   [
  171     'google_cloud_storage',
  172     [
  173       'google_storage_bucket',
  174       'google_storage_bucket_iam_binding',
  175       'google_storage_bucket_iam_member',
  176       'google_storage_bucket_iam_policy',
  177     ],
  178   ],
  179   [
  180     'google_compute_engine',
  181     [
  182       'google_compute_address',
  183       'google_compute_disk',
  184       'google_compute_global_address',
  185       'google_compute_firewall',
  186       'google_compute_health_check',
  187       'google_compute_image',
  188       'google_compute_instance',
  189       'google_compute_instance_group',
  190       'google_compute_network',
  191       'google_compute_node_group',
  192       'google_compute_router',
  193       'google_compute_subnetwork',
  194     ],
  195   ],
  196   ['google_cloud_dns', ['google_dns_managed_zone']],
  197   [
  198     'google_cloud_bigtable',
  199     ['google_bigtable_instance', 'google_bigtable_table'],
  200   ],
  201   [
  202     'google_cloud_bigquery',
  203     ['google_bigquery_table', 'google_bigquery_dataset'],
  204   ],
  205   ['google_cloud_functions', ['google_cloudfunctions_function']],
  206   ['google_cloud_sql', ['google_sql_database_instance']],
  207   ['google_cloud_run', ['google_cloud_run_service']],
  208 ]);
  209 
  210 export function verifyServiceMappingExists(services: string[]): void {
  211   if (services.length == 0) {
  212     throw new InvalidServiceError('');
  213   }
  214   for (const s of services) {
  215     if (!services2resources.has(s)) {
  216       throw new InvalidServiceError(
  217         `We were unable to match service "${s}". Please provide a valid service name: ${existingServiceNames()}`,
  218       );
  219     }
  220   }
  221 }
  222 
  223 export function findServiceMappingForType(type: string): string {
  224   for (const service of services2resources.keys()) {
  225     if (services2resources.get(service)?.includes(type)) {
  226       return service;
  227     }
  228   }
  229   return '';
  230 }
  231 
  232 function existingServiceNames(): string {
  233   let res = '';
  234   for (const s of services2resources.keys()) {
  235     res += `${s},`;
  236   }
  237   return res.substring(0, res.length - 1);
  238 }
  239 
  240 export function createIgnorePattern(services: string[]): string {
  241   return createIgnorePatternWithMap(services, services2resources);
  242 }
  243 
  244 export function createIgnorePatternWithMap(
  245   services: string[],
  246   serviceMap: Map<string, Array<string>>,
  247 ): string {
  248   let res = '*';
  249   const seenResources = new Set<string>();
  250   for (const s of services) {
  251     const resourcePatterns = serviceMap.get(s);
  252     for (const rp of resourcePatterns || []) {
  253       // A resource might belong to multiple services, skip it if already processed
  254       if (seenResources.has(rp)) {
  255         continue;
  256       }
  257       res += `,!${rp}`;
  258       seenResources.add(rp);
  259     }
  260   }
  261   return res;
  262 }
  263 
  264 export class InvalidServiceError extends CustomError {
  265   constructor(msg: string) {
  266     super(msg);
  267     this.code = IaCErrorCodes.InvalidServiceError;
  268     this.strCode = getErrorStringCode(this.code);
  269     this.userMessage = msg;
  270   }
  271 }