awsproviderlint: New Check: Prefer tfawserr helpers over directly checking (*awserr.Error).Code()

breathingdust commented 4 years ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The Terraform AWS Provider has helper functions for working with the AWS Go SDK awserr package Error type: tfawserr.ErrCodeEquals(error, string), tfawserr.ErrMessageContains(error, string, string)

We prefer these helper functions for a few reasons:

Simplifies and standardizes AWS Go SDK error checking logic
Performs Go 1.13 wrapped error checking (when additional context is added via fmt.Errorf() and the %w verb)

Flagged Code

if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchBucketPolicy" {
}

Passing Code

import "github.com/hashicorp/aws-sdk-go-base/tfawserr"
// ...
if tfawserr.ErrCodeEquals(err, "NoSuchBucketPolicy") {
}

bflad commented 4 years ago

Given this is a little easier to implement in semgrep rather than direct AST, this semgrep rule should get us close:

  - id: aws-go-sdk-error-code-helper
    languages: [go]
    message: 'Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)'
    paths:
      include:
        - aws/
    patterns:
      - pattern-either:
        - pattern: if $AWSERR, $OK := $ORIGINALERR.(awserr.Error); $OK && $AWSERR.Code() == $CODE { $BODY }
        - pattern: |
            if $AWSERR, $OK := $ORIGINALERR.(awserr.Error); $OK {
              if $AWSERR.Code() == $CODE { $BODY }
            }
    severity: WARNING

Unfortunately semgrep's fix handling in Go is a little lacking at the moment and $BODY drops important syntax tokens, but at least we can report it.

ewbankkit commented 4 years ago

Following the merge of #13036, our target can be:

if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchBucketPolicy" {
}

=>

import "github.com/hashicorp/aws-sdk-go-base/tfawserr"

if tfawserr.ErrCodeEquals(err, "NoSuchBucketPolicy") {
}

and

if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "DeleteConflict" && strings.Contains(awsErr.Message(), "currently in use by arn") {
}

=>

import "github.com/hashicorp/aws-sdk-go-base/tfawserr"

if tfawserr.ErrMessageContains(err, "DeleteConflict",  "currently in use by arn") {
}

bflad commented 4 years ago

Current reports for reference:

aws/resource_aws_app_cookie_stickiness_policy.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
156:        if ec2err, ok := err.(awserr.Error); ok {
157:            if ec2err.Code() == "LoadBalancerNotFound" {
158:                return false, nil
159:            }
160:        }

aws/resource_aws_cloudwatch_log_group.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
93:     if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == cloudwatchlogs.ErrCodeResourceAlreadyExistsException {
94:         return fmt.Errorf("Creating CloudWatch Log Group failed: %s:  The CloudWatch Log Group '%s' already exists.", err, d.Get("name").(string))
95:     }

aws/resource_aws_cloudwatch_log_metric_filter.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
160:        if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceNotFoundException" {
161:            return nil, &resource.NotFoundError{
162:                Message: fmt.Sprintf("CloudWatch Log Metric Filter %q / %q not found via"+
163:                    " initial DescribeMetricFilters call", name, logGroupName),
164:                LastError:   err,
165:                LastRequest: input,
166:            }
167:        }

aws/resource_aws_codecommit_repository_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
223:        if ae, ok := err.(awserr.Error); ok && ae.Code() == "RepositoryDoesNotExistException" {
224:            continue
225:        }

aws/resource_aws_codecommit_trigger_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
47:     if ae, ok := err.(awserr.Error); ok && ae.Code() == "RepositoryDoesNotExistException" {
48:         continue
49:     }

aws/resource_aws_codedeploy_app.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
160:        if cderr, ok := err.(awserr.Error); ok && cderr.Code() == "InvalidApplicationNameException" {
161:            return nil
162:        } else {
163:            log.Printf("[ERROR] Error deleting CodeDeploy application: %s", err)
164:            return err
165:        }

aws/resource_aws_codedeploy_deployment_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
2156:       if ae, ok := err.(awserr.Error); ok && ae.Code() == "ApplicationDoesNotExistException" {
2157:           continue
2158:       }

aws/resource_aws_cognito_identity_pool_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
353:            if wserr, ok := err.(awserr.Error); ok && wserr.Code() == cognitoidentity.ErrCodeResourceNotFoundException {
354:                return nil
355:            }

aws/resource_aws_cognito_user_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
173:            if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceNotFoundException" {
174:                return nil
175:            }

aws/resource_aws_cognito_user_pool_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
1175:           if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == cognitoidentityprovider.ErrCodeResourceNotFoundException {
1176:               return nil
1177:           }

aws/resource_aws_config_config_rule.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
172:            if awsErr, ok := err.(awserr.Error); ok {
173:                if awsErr.Code() == "InsufficientPermissionsException" {
174:                    // IAM is eventually consistent
175:                    return resource.RetryableError(err)
176:                }
177:            }
275:            if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceInUseException" {
276:                return resource.RetryableError(err)
277:            }
303:                if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchConfigRuleException" {
304:                    return 42, "", nil
305:                }

aws/resource_aws_dms_replication_task.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
313:            if dmserr, ok := err.(awserr.Error); ok && dmserr.Code() == "ResourceNotFoundFault" {
314:                return nil, "", nil
315:            }

aws/resource_aws_docdb_cluster_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
491:        if awsErr, ok := err.(awserr.Error); ok {
492:            if awsErr.Code() == "DBClusterNotFoundFault" {
493:                return nil
494:            }
495:        }
586:            if awsErr, ok := err.(awserr.Error); ok {
587:                if awsErr.Code() == "DBClusterNotFoundFault" {
588:                    return nil
589:                }
590:            }

aws/resource_aws_dynamodb_table_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
1311:       if dbErr, ok := err.(awserr.Error); ok && dbErr.Code() == "ResourceNotFoundException" {
1312:           return nil
1313:       }

aws/resource_aws_ecr_repository_policy_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
76:         if ecrerr, ok := err.(awserr.Error); ok && ecrerr.Code() == "RepositoryNotFoundException" {
77:             return nil
78:         }

aws/resource_aws_eip.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
487:    if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidAssociationID.NotFound" {
488:        err = nil
489:    }

aws/resource_aws_elastic_beanstalk_application_version.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
180:        if awserr, ok := err.(awserr.Error); ok {
181:            // application version is pending delete, or no longer exists.
182:            if awserr.Code() == "InvalidParameterValue" {
183:                return nil
184:            }
185:        }

aws/resource_aws_elasticache_cluster_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
757:            if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "CacheClusterNotFound" {
758:                continue
759:            }

aws/resource_aws_elasticache_replication_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
867:            if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ReplicationGroupNotFoundFault" {
868:                continue
869:            }

aws/resource_aws_elasticache_security_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
109:        if awserr, ok := err.(awserr.Error); ok && awserr.Code() == "CacheSecurityGroupNotFound" {
110:            continue
111:        }

aws/resource_aws_elasticache_subnet_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
90:         if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "CacheSubnetGroupNotFoundFault" {
91:             continue
92:         }

aws/resource_aws_elasticsearch_domain_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
1264:           if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceNotFoundException" {
1265:               continue
1266:           }

aws/resource_aws_elb.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
309:            if awsErr, ok := err.(awserr.Error); ok {
310:                // Check for IAM SSL Cert error, eventual consistancy issue
311:                if awsErr.Code() == elb.ErrCodeCertificateNotFoundException {
312:                    return resource.RetryableError(
313:                        fmt.Errorf("Error creating ELB Listener with SSL Cert, retrying: %s", err))
314:                }
315:            }

aws/resource_aws_emr_cluster.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
1890:           if awsErr, ok := err.(awserr.Error); ok {
1891:               if awsErr.Code() == "ClusterNotFound" {
1892:                   return 42, "destroyed", nil
1893:               }
1894:           }

aws/resource_aws_glacier_vault.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
173:    if awserr, ok := err.(awserr.Error); ok && awserr.Code() == "ResourceNotFoundException" {
174:        d.Set("access_policy", "")
175:    } else if pol != nil {
176:        policy, err := structure.NormalizeJsonString(*pol.Policy.Policy)
177:        if err != nil {
178:            return fmt.Errorf("access policy contains an invalid JSON: %s", err)
179:        }
180:        d.Set("access_policy", policy)
181:    } else {
182:        return err
183:    }
186:    if awserr, ok := err.(awserr.Error); ok && awserr.Code() == "ResourceNotFoundException" {
187:        d.Set("notification", "")
188:    } else if pol != nil {
189:        d.Set("notification", notifications)
190:    } else {
191:        return err
192:    }

aws/resource_aws_glacier_vault_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
231:            if ae, ok := err.(awserr.Error); ok && ae.Code() == "ResourceNotFoundException" {
232:                continue
233:            }

aws/resource_aws_iam_group_membership.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
145:            if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
146:                return nil
147:            }

aws/resource_aws_iam_group_membership_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
98:         if ae, ok := err.(awserr.Error); ok && ae.Code() == "NoSuchEntity" {
99:             continue
100:            }

aws/resource_aws_iam_openid_connect_provider_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
92:         if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
93:             // none found, that's good
94:             return nil
95:         }

aws/resource_aws_iam_role_policy_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
235:            if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
236:                // none found, that's good
237:                return nil
238:            }

aws/resource_aws_iam_user_policy_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
280:            if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
281:                // none found, that's good
282:                return nil
283:            }

aws/resource_aws_inspector_assessment_template_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
135:            if inspectorerr, ok := err.(awserr.Error); ok && inspectorerr.Code() == "InvalidInputException" {
136:                return nil
137:            } else {
138:                return fmt.Errorf("Error finding Inspector Assessment Template: %s", err)
139:            }

aws/resource_aws_lambda_event_source_mapping.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
241:            if awserr, ok := err.(awserr.Error); ok {
242:                if awserr.Code() == "InvalidParameterValueException" {
243:                    return resource.RetryableError(awserr)
244:                }
245:            }

aws/resource_aws_lambda_permission.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
208:            if awsErr, ok := err.(awserr.Error); ok {
209:                if awsErr.Code() == "ResourceNotFoundException" {
210:                    return resource.RetryableError(err)
211:                }
212:            }

aws/resource_aws_lambda_permission_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
651:    if awsErr, ok := err.(awserr.Error); ok {
652:        if awsErr.Code() == "ResourceNotFoundException" {
653:            // no policy found => all statements deleted
654:            return nil
655:        }
656:    }

aws/resource_aws_lightsail_domain_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
117:        if awsErr, ok := err.(awserr.Error); ok {
118:            if awsErr.Code() == "NotFoundException" {
119:                return nil
120:            }
121:        }

aws/resource_aws_lightsail_instance_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
268:        if awsErr, ok := err.(awserr.Error); ok {
269:            if awsErr.Code() == "NotFoundException" {
270:                return nil
271:            }
272:        }

aws/resource_aws_lightsail_key_pair_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
158:        if awsErr, ok := err.(awserr.Error); ok {
159:            if awsErr.Code() == "NotFoundException" {
160:                return nil
161:            }
162:        }

aws/resource_aws_lightsail_static_ip_attachment_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
126:        if awsErr, ok := err.(awserr.Error); ok {
127:            if awsErr.Code() == "NotFoundException" {
128:                return nil
129:            }
130:        }

aws/resource_aws_lightsail_static_ip_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
170:        if awsErr, ok := err.(awserr.Error); ok {
171:            if awsErr.Code() == "NotFoundException" {
172:                return nil
173:            }
174:        }

aws/resource_aws_load_balancer_backend_server_policy_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
93:             if ec2err, ok := err.(awserr.Error); ok && (ec2err.Code() == "LoadBalancerNotFound") {
94:                 continue
95:             }

aws/resource_aws_load_balancer_listener_policy_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
87:             if ec2err, ok := err.(awserr.Error); ok && (ec2err.Code() == "LoadBalancerNotFound") {
88:                 continue
89:             }

aws/resource_aws_load_balancer_policy.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
237:        if ec2err, ok := err.(awserr.Error); ok {
238:            if ec2err.Code() == "LoadBalancerNotFound" {
239:                return false, nil
240:            }
241:        }
287:        if ec2err, ok := err.(awserr.Error); ok {
288:            if ec2err.Code() == "LoadBalancerNotFound" {
289:                return reassignments, nil
290:            }
291:        }

aws/resource_aws_main_route_table_association_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
48:         if ae, ok := err.(awserr.Error); ok && ae.Code() == "ApplicationDoesNotExistException" {
49:             continue
50:         }

aws/resource_aws_network_interface_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
496:            if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidNetworkInterfaceID.NotFound" {
497:                return nil
498:            }

aws/resource_aws_opsworks_instance_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
185:            if awserr, ok := err.(awserr.Error); ok {
186:                if awserr.Code() == "ResourceNotFoundException" {
187:                    // not found, good to go
188:                    return nil
189:                }
190:            }

aws/resource_aws_opsworks_stack_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
503:            if awserr, ok := err.(awserr.Error); ok {
504:                if awserr.Code() == "ResourceNotFoundException" {
505:                    // not found, all good
506:                    return nil
507:                }
508:            }

aws/resource_aws_rds_cluster_endpoint_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
162:        if awsErr, ok := err.(awserr.Error); ok {
163:            if awsErr.Code() == "DBClusterNotFoundFault" {
164:                return nil
165:            }
166:        }

aws/resource_aws_rds_cluster_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
2168:       if awsErr, ok := err.(awserr.Error); ok {
2169:           if awsErr.Code() == "DBClusterNotFoundFault" {
2170:               return nil
2171:           }
2172:       }
2217:           if awsErr, ok := err.(awserr.Error); ok {
2218:               if awsErr.Code() == "DBClusterNotFoundFault" {
2219:                   return nil
2220:               }
2221:           }

aws/resource_aws_redshift_cluster_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
604:        if awsErr, ok := err.(awserr.Error); ok {
605:            if awsErr.Code() == "ClusterNotFound" {
606:                return nil
607:            }
608:        }

aws/resource_aws_route53_record_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
1030:           if awsErr, ok := err.(awserr.Error); ok {
1031:               // if NoSuchHostedZone, then all the things are destroyed
1032:               if awsErr.Code() == "NoSuchHostedZone" {
1033:                   return nil
1034:               }
1035:           }

aws/resource_aws_route_table_association.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
74:         if awsErr, ok := err.(awserr.Error); ok {
75:             if awsErr.Code() == "InvalidRouteTableID.NotFound" {
76:                 return resource.RetryableError(awsErr)
77:             }
78:         }

aws/resource_aws_s3_bucket_notification_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
275:                if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchBucket" {
276:                    return nil
277:                }

aws/resource_aws_s3_bucket_policy.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
111:        if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchBucket" {
112:            return nil
113:        }

aws/resource_aws_s3_bucket_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
2583:           if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoSuchBucketPolicy" {
2584:               // expected
2585:               return nil
2586:           }

aws/resource_aws_security_group_rule.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
210:        if awsErr, ok := autherr.(awserr.Error); ok {
211:            if awsErr.Code() == "InvalidPermission.Duplicate" {
212:                return fmt.Errorf(`[WARN] A duplicate Security Group rule was found on (%s). This may be
213:a side effect of a now-fixed Terraform issue causing two security groups with
214:identical attributes but different source_security_group_ids to overwrite each
215:other in the state. See https://github.com/hashicorp/terraform/pull/2376 for more
216:information and instructions for recovery. Error message: %s`, sg_id, awsErr.Message())
217:            }
218:        }
415:    if err, ok := err.(awserr.Error); ok && err.Code() == "InvalidGroup.NotFound" {
416:        return nil, securityGroupNotFound{id, nil}
417:    }

aws/resource_aws_ses_template_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
163:                if awsErr, ok := err.(awserr.Error); ok && (awsErr.Code() == "TemplateDoesNotExist") {
164:                    return nil
165:                }

aws/resource_aws_sfn_activity_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
123:                if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ActivityDoesNotExist" {
124:                    return nil
125:                }

aws/resource_aws_spot_instance_request.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
427:            if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidSpotInstanceRequestID.NotFound" {
428:                // Set this to nil as if we didn't find anything.
429:                resp = nil
430:            } else {
431:                log.Printf("Error on StateRefresh: %s", err)
432:                return nil, "", err
433:            }

aws/resource_aws_ssm_document_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
548:            if wserr, ok := err.(awserr.Error); ok && wserr.Code() == ssm.ErrCodeInvalidDocument {
549:                return nil
550:            }

aws/resource_aws_ssm_maintenance_window_task_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
309:            if ae, ok := err.(awserr.Error); ok && ae.Code() == "DoesNotExistException" {
310:                continue
311:            }

aws/resource_aws_ssm_patch_group_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
71:         if ae, ok := err.(awserr.Error); ok && ae.Code() == "DoesNotExistException" {
72:             continue
73:         }

aws/resource_aws_vpc.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
298:        if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "UnsupportedOperation" {
299:            log.Printf("[WARN] VPC Classic Link is not supported in this region")
300:        } else {
301:            return err
302:        }
576:            if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpcID.NotFound" {
577:                resp = nil
578:            } else {
579:                log.Printf("Error on VPCStateRefresh: %s", err)
580:                return nil, "", err
581:            }

aws/resource_aws_vpc_endpoint_connection_notification_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
66:         if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidConnectionNotification" {
67:             continue
68:         }

aws/resource_aws_vpc_endpoint_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
522:            if ae, ok := err.(awserr.Error); ok && ae.Code() == "InvalidVpcEndpointId.NotFound" {
523:                continue
524:            }

aws/resource_aws_vpn_connection_route.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
108:        if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" {
109:            return nil
110:        }
148:        if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" {
149:            return nil, nil
150:        }

aws/resource_aws_vpn_connection_route_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
63:         if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" {
64:             // not found, all good
65:             return nil
66:         }

aws/resource_aws_vpn_connection_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
339:            if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidVpnConnectionID.NotFound" {
340:                // not found
341:                return nil
342:            }

aws/resource_aws_waf_byte_match_set_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
305:        if awsErr, ok := err.(awserr.Error); ok {
306:            if awsErr.Code() == "WAFNonexistentItemException" {
307:                return nil
308:            }
309:        }

aws/resource_aws_waf_rate_based_rule_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
297:        if awsErr, ok := err.(awserr.Error); ok {
298:            if awsErr.Code() == waf.ErrCodeNonexistentItemException {
299:                return nil
300:            }
301:        }

aws/resource_aws_waf_rule_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
373:        if awsErr, ok := err.(awserr.Error); ok {
374:            if awsErr.Code() == waf.ErrCodeNonexistentItemException {
375:                return nil
376:            }
377:        }

aws/resource_aws_waf_size_constraint_set_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
285:        if awsErr, ok := err.(awserr.Error); ok {
286:            if awsErr.Code() == waf.ErrCodeNonexistentItemException {
287:                return nil
288:            }
289:        }

aws/resource_aws_wafregional_ipset_test.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
398:        if awsErr, ok := err.(awserr.Error); ok {
399:            if awsErr.Code() == "WAFNonexistentItemException" {
400:                return nil
401:            }
402:        }

awsproviderlint/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
64:         if e, ok := requestFailureError.OrigErr().(awserr.Error); ok {
65:             if e.Code() == request.ErrCodeRequestError {
66:                 atomic.StoreUint32(&t.disabled, 1)
67:             }
68:         }

awsproviderlint/vendor/github.com/aws/aws-sdk-go/aws/request/timeout_read_closer.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
62: if err, ok := req.Error.(awserr.Error); ok {
63:     aerr, ok := err.OrigErr().(awserr.Error)
64:     if ok && aerr.Code() == ErrCodeResponseTimeout {
65:         req.Error = aerr
66:     }
67: }

awsproviderlint/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go
severity:warning rule:aws-go-sdk-error-code-helper: Use `tfawserr` helpers for checking AWS Go SDK errors (e.g. `tfawserr.ErrMessageContains(err, CODE, MESSAGE)`)
164:        if aerr, ok := err.(awserr.Error); ok && aerr.Code() == ini.ErrCodeUnableToReadFile {
165:            // Skip files which can't be opened and read for whatever reason
166:            continue
167:        } else if err != nil {
168:            return nil, SharedConfigLoadError{Filename: filename, Err: err}
169:        }

github-actions[bot] commented 2 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashicorp / terraform-provider-aws