Open breathingdust opened 4 years ago
Covering semgrep
rule for #16532:
- id: prefer-aws-go-sdk-pointer-conversion-conditional
languages: [go]
message: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
paths:
exclude:
- awsproviderlint/vendor/
include:
- aws/
patterns:
- pattern-either:
- pattern: '$LHS == *$RHS'
- pattern: '*$LHS == $RHS'
severity: WARNING
aws/resource_aws_lambda_function.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-conditional: Prefer AWS Go SDK pointer conversion functions for dereferencing during conditionals, e.g. aws.StringValue()
817: if *function.PackageType == lambda.PackageTypeZip {
Other covering rules to enable:
- id: prefer-aws-go-sdk-pointer-conversion-assignment
languages: [go]
message: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
paths:
exclude:
- aws/internal/generators/
- aws/internal/keyvaluetags/
- awsproviderlint/vendor/
include:
- aws/
patterns:
- pattern: '$LHS = *$RHS'
- pattern-not: '*$LHS2 = *$RHS'
severity: WARNING
e.g.
aws/resource_aws_vpc.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
308: classiclink_enabled = *v.ClassicLinkEnabled
333: classiclinkdns_enabled = *v.ClassicLinkDnsSupported
aws/resource_aws_waf_sql_injection_match_set.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
179: m["text_transformation"] = *t.TextTransformation
aws/resource_aws_waf_web_acl.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-assignment: Prefer AWS Go SDK pointer conversion functions for dereferencing during assignment, e.g. aws.StringValue()
239: arn := *resp.WebACL.WebACLArn
- id: prefer-aws-go-sdk-pointer-conversion-ResourceData-SetId
languages: [go]
message: Prefer AWS Go SDK pointer conversion aws.StringValue() function for dereferencing during d.SetId()
paths:
include:
- aws/
pattern: 'd.SetId(*$VALUE)'
severity: WARNING
e.g.
aws/resource_aws_wafregional_web_acl.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-ResourceData-SetId: Prefer AWS Go SDK pointer conversion aws.StringValue() function for dereferencing during d.SetId()
197: d.SetId(*resp.WebACL.WebACLId)
aws/resource_aws_workspaces_ip_group.go
severity:warning rule:prefer-aws-go-sdk-pointer-conversion-ResourceData-SetId: Prefer AWS Go SDK pointer conversion aws.StringValue() function for dereferencing during d.SetId()
75: d.SetId(*resp.GroupId)
Community Note
Description
The AWS Go SDK provides a large amount of type conversion functions for going from pointer values to underlying values and vice-versa. They automatically handle nil values by substituting the zero-value for a type (e.g. aws.StringValue(string) will convert a nil string to "").
We prefer using these functions to:
There are still cases where nil checking is preferred due to behaviors we want in Terraform, however even in these cases we should prefer the AWS Go SDK conversion functions for consistency.
Flagged Code
Passing Code
References