Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Yor Doesn't Pick Up Tags When Resource Field Removed In Terraform #377

Closed
J-Scriv-Oblak opened this issue May 30, 2023 · 6 comments · Fixed by #409
Closed

Yor Doesn't Pick Up Tags When Resource Field Removed In Terraform #377

J-Scriv-Oblak opened this issue May 30, 2023 · 6 comments · Fixed by #409
Assignees
@ChanochShayner

Comments

@J-Scriv-Oblak
Copy link

J-Scriv-Oblak commented May 30, 2023
edited
Loading

Describe the bug
Yor will not pick up that a resource was updated if you remove one of its fields.

To Reproduce

  1. Establish a resource in your terraform file. When you run yor, it will detect the resource and apply the yor tags.
resource "aws_iam_user" "supercooluser" {
  name = "SuperCoolTesting"
  path = "/verycoolpath/"
}

resource "aws_s3_bucket" "demo3_test_bucket" {
  bucket        = "demo3_test_bucket"
  acl           = "private"
  force_destroy = true
}
  1. Edit that resource to remove one of the optional attributes. In the example above, you can remove the path attribute for the aws_iam_user resource and the force_destroy attribute for the aws_s3_bucket resource
resource "aws_iam_user" "supercooluser" {
  name = "SuperCoolTesting"
  tags = {...}
}

resource "aws_s3_bucket" "demo3_test_bucket" {
  bucket        = "demo3_test_bucket"
  acl           = "private"
  tags        = {...}
}

Expected behavior
The expected behavior is that your would change the git_commit_id since the resource has been changed. It does not though

Screenshots
Screen Shot 2023-05-30 at 12 12 47 PM

Desktop (please complete the following information):

  • OS: Ubuntu 22.0 LTS
  • Yor Version: v0.1.178
@nimrodkor
Copy link
Contributor

This is an interesting one. Yor bases itself on running git blame, and for something that disappears... Yes I see the issue.
We basically iterate over the existing lines and set the history for them, instead of looking at the resource lines / running through the history of the file. I'm open to ideas and a contribution here!

The relevant function:
https://github.com/bridgecrewio/yor/blob/main/src/common/gitservice/blame.go#L22

@srivastavaabhinav
Copy link

@nimrodkor any idea what would be the fix for the above issue? We are experiencing the similar problem. What logic should be used here to record the resource-level changes (deleted lines)?

@stale
Copy link

stale bot commented Jul 2, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix This will not be worked on label Jul 2, 2023
@ChanochShayner ChanochShayner removed the wontfix This will not be worked on label Jul 17, 2023
@ChanochShayner ChanochShayner mentioned this issue Jul 17, 2023
Merged
@ChanochShayner ChanochShayner self-assigned this Jul 17, 2023
@stale
Copy link

stale bot commented Aug 18, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix This will not be worked on label Aug 18, 2023
@J-Scriv-Oblak
Copy link
Author

Commenting to keep this open as its still an issue. I see there is a PR open for it! #409

@stale stale bot removed the wontfix This will not be worked on label Aug 18, 2023
@ChanochShayner
Copy link
Contributor

@J-Scriv-Oblak I've just merged the fix PR, please let me know in case of an issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ChanochShayner ChanochShayner

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Tag resource with remove changes bridgecrewio/yor
4 participants
@nimrodkor @srivastavaabhinav @ChanochShayner @J-Scriv-Oblak