Generate validation rules for map attributes

rules/models/aws_acm_certificate_invalid_tags.go

@@ -0,0 +1,125 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"regexp"
+
+	"github.com/terraform-linters/tflint-plugin-sdk/hclext"
+	"github.com/terraform-linters/tflint-plugin-sdk/logger"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsAcmCertificateInvalidTagsRule checks the pattern is valid
+type AwsAcmCertificateInvalidTagsRule struct {
+	tflint.DefaultRule
+
+	resourceType  string
+	attributeName string
+	keyMax        int
+	keyMin        int
+	keyPattern    *regexp.Regexp
+	valueMax      int
+	valuePattern  *regexp.Regexp
+}
+
+// NewAwsAcmCertificateInvalidTagsRule returns new rule with default attributes
+func NewAwsAcmCertificateInvalidTagsRule() *AwsAcmCertificateInvalidTagsRule {
+	return &AwsAcmCertificateInvalidTagsRule{
+		resourceType:  "aws_acm_certificate",
+		attributeName: "tags",
+		keyMax:        128,
+		keyMin:        1,
+		keyPattern:    regexp.MustCompile(`^[\p{L}\p{Z}\p{N}_.:\/=+\-@]*$`),
+		valueMax:      256,
+		valuePattern:  regexp.MustCompile(`^[\p{L}\p{Z}\p{N}_.:\/=+\-@]*$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsAcmCertificateInvalidTagsRule) Name() string {
+	return "aws_acm_certificate_invalid_tags"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsAcmCertificateInvalidTagsRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsAcmCertificateInvalidTagsRule) Severity() tflint.Severity {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsAcmCertificateInvalidTagsRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsAcmCertificateInvalidTagsRule) Check(runner tflint.Runner) error {
+	logger.Trace("Check `%s` rule", r.Name())
+
+	resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{
+		Attributes: []hclext.AttributeSchema{
+			{Name: r.attributeName},
+		},
+	}, nil)
+	if err != nil {
+		return err
+	}
+
+	for _, resource := range resources.Blocks {
+		attribute, exists := resource.Body.Attributes[r.attributeName]
+		if !exists {
+			continue
+		}
+
+		err := runner.EvaluateExpr(attribute.Expr, func(val map[string]string) error {
+			for k, v := range val {
+				if len(k) > r.keyMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 128 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(k) < r.keyMin {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 1 characters or higher", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.keyPattern.MatchString(k) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag key %q does not match valid pattern %s`, truncateLongMessage(k), `^[\p{L}\p{Z}\p{N}_.:\/=+\-@]*$`),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(v) > r.valueMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag value for key %q must be 256 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.valuePattern.MatchString(v) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag value %q for key %q does not match valid pattern %s`, truncateLongMessage(v), truncateLongMessage(k), `^[\p{L}\p{Z}\p{N}_.:\/=+\-@]*$`),
+						attribute.Expr.Range(),
+					)
+				}
+			}
+			return nil
+		}, nil)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

rules/models/aws_alb_invalid_tags.go

@@ -0,0 +1,125 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"regexp"
+
+	"github.com/terraform-linters/tflint-plugin-sdk/hclext"
+	"github.com/terraform-linters/tflint-plugin-sdk/logger"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsALBInvalidTagsRule checks the pattern is valid
+type AwsALBInvalidTagsRule struct {
+	tflint.DefaultRule
+
+	resourceType  string
+	attributeName string
+	keyMax        int
+	keyMin        int
+	keyPattern    *regexp.Regexp
+	valueMax      int
+	valuePattern  *regexp.Regexp
+}
+
+// NewAwsALBInvalidTagsRule returns new rule with default attributes
+func NewAwsALBInvalidTagsRule() *AwsALBInvalidTagsRule {
+	return &AwsALBInvalidTagsRule{
+		resourceType:  "aws_alb",
+		attributeName: "tags",
+		keyMax:        128,
+		keyMin:        1,
+		keyPattern:    regexp.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+		valueMax:      256,
+		valuePattern:  regexp.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsALBInvalidTagsRule) Name() string {
+	return "aws_alb_invalid_tags"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsALBInvalidTagsRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsALBInvalidTagsRule) Severity() tflint.Severity {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsALBInvalidTagsRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsALBInvalidTagsRule) Check(runner tflint.Runner) error {
+	logger.Trace("Check `%s` rule", r.Name())
+
+	resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{
+		Attributes: []hclext.AttributeSchema{
+			{Name: r.attributeName},
+		},
+	}, nil)
+	if err != nil {
+		return err
+	}
+
+	for _, resource := range resources.Blocks {
+		attribute, exists := resource.Body.Attributes[r.attributeName]
+		if !exists {
+			continue
+		}
+
+		err := runner.EvaluateExpr(attribute.Expr, func(val map[string]string) error {
+			for k, v := range val {
+				if len(k) > r.keyMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 128 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(k) < r.keyMin {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 1 characters or higher", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.keyPattern.MatchString(k) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag key %q does not match valid pattern %s`, truncateLongMessage(k), `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(v) > r.valueMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag value for key %q must be 256 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.valuePattern.MatchString(v) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag value %q for key %q does not match valid pattern %s`, truncateLongMessage(v), truncateLongMessage(k), `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+						attribute.Expr.Range(),
+					)
+				}
+			}
+			return nil
+		}, nil)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

rules/models/aws_alb_target_group_invalid_tags.go

@@ -0,0 +1,125 @@
+// This file generated by `generator/`. DO NOT EDIT
+
+package models
+
+import (
+	"fmt"
+	"regexp"
+
+	"github.com/terraform-linters/tflint-plugin-sdk/hclext"
+	"github.com/terraform-linters/tflint-plugin-sdk/logger"
+	"github.com/terraform-linters/tflint-plugin-sdk/tflint"
+)
+
+// AwsALBTargetGroupInvalidTagsRule checks the pattern is valid
+type AwsALBTargetGroupInvalidTagsRule struct {
+	tflint.DefaultRule
+
+	resourceType  string
+	attributeName string
+	keyMax        int
+	keyMin        int
+	keyPattern    *regexp.Regexp
+	valueMax      int
+	valuePattern  *regexp.Regexp
+}
+
+// NewAwsALBTargetGroupInvalidTagsRule returns new rule with default attributes
+func NewAwsALBTargetGroupInvalidTagsRule() *AwsALBTargetGroupInvalidTagsRule {
+	return &AwsALBTargetGroupInvalidTagsRule{
+		resourceType:  "aws_alb_target_group",
+		attributeName: "tags",
+		keyMax:        128,
+		keyMin:        1,
+		keyPattern:    regexp.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+		valueMax:      256,
+		valuePattern:  regexp.MustCompile(`^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+	}
+}
+
+// Name returns the rule name
+func (r *AwsALBTargetGroupInvalidTagsRule) Name() string {
+	return "aws_alb_target_group_invalid_tags"
+}
+
+// Enabled returns whether the rule is enabled by default
+func (r *AwsALBTargetGroupInvalidTagsRule) Enabled() bool {
+	return true
+}
+
+// Severity returns the rule severity
+func (r *AwsALBTargetGroupInvalidTagsRule) Severity() tflint.Severity {
+	return tflint.ERROR
+}
+
+// Link returns the rule reference link
+func (r *AwsALBTargetGroupInvalidTagsRule) Link() string {
+	return ""
+}
+
+// Check checks the pattern is valid
+func (r *AwsALBTargetGroupInvalidTagsRule) Check(runner tflint.Runner) error {
+	logger.Trace("Check `%s` rule", r.Name())
+
+	resources, err := runner.GetResourceContent(r.resourceType, &hclext.BodySchema{
+		Attributes: []hclext.AttributeSchema{
+			{Name: r.attributeName},
+		},
+	}, nil)
+	if err != nil {
+		return err
+	}
+
+	for _, resource := range resources.Blocks {
+		attribute, exists := resource.Body.Attributes[r.attributeName]
+		if !exists {
+			continue
+		}
+
+		err := runner.EvaluateExpr(attribute.Expr, func(val map[string]string) error {
+			for k, v := range val {
+				if len(k) > r.keyMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 128 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(k) < r.keyMin {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag key %q must be 1 characters or higher", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.keyPattern.MatchString(k) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag key %q does not match valid pattern %s`, truncateLongMessage(k), `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+						attribute.Expr.Range(),
+					)
+				}
+				if len(v) > r.valueMax {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf("tag value for key %q must be 256 characters or less", truncateLongMessage(k)),
+						attribute.Expr.Range(),
+					)
+				}
+				if !r.valuePattern.MatchString(v) {
+					runner.EmitIssue(
+						r,
+						fmt.Sprintf(`tag value %q for key %q does not match valid pattern %s`, truncateLongMessage(v), truncateLongMessage(k), `^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$`),
+						attribute.Expr.Range(),
+					)
+				}
+			}
+			return nil
+		}, nil)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}