Update to avoid security flaws and deprecation warnings

FidelityInternational · Jul 25, 2022 · 56255c3 · 56255c3
1 parent 4d35935
commit 56255c3
Show file tree

Hide file tree

Showing 11 changed files with 730 additions and 1,245 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,5 @@
 .terraform/
 
-*.tfstate*
+*.tfstate*
+terraform-azurerm-naming
+.terraform.lock.hcl
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,12 +1,12 @@
 # See http://pre-commit.com for more information
 # See http://pre-commit.com/hooks.html for more hooks
 repos:
-  - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.31.0
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.74.1
     hooks:
       - id: terraform_fmt
       - id: terraform_docs
-  - repo: git://github.com/pre-commit/pre-commit-hooks
+  - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v3.1.0
     hooks:
       - id: check-merge-conflict

diff --git a/Makefile b/Makefile
@@ -5,10 +5,10 @@ all: build format validate
 
 .PHONY: install
 install:
-	command -v terraform >/dev/null 2>&1 || GO111MODULE="on" go get github.com/hashicorp/terraform@v0.12.26
-	command -v terraform-docs >/dev/null 2>&1 || GO111MODULE="on" go get github.com/segmentio/terraform-docs@v0.9.1
-	command -v tfsec >/dev/null 2>&1 || GO111MODULE="on" go get github.com/liamg/tfsec/cmd/tfsec@v0.21.0
-	command -v tflint >/dev/null 2>&1 || GO111MODULE="on" go get github.com/terraform-linters/tflint@v0.16.2
+	command -v terraform >/dev/null 2>&1 || go install github.com/hashicorp/terraform@v1.2.5
+	command -v terraform-docs >/dev/null 2>&1 || go install github.com/terraform-docs/terraform-docs@v0.16.0
+	command -v tfsec >/dev/null 2>&1 || go install github.com/aquasecurity/tfsec/cmd/tfsec@latest
+	command -v tflint >/dev/null 2>&1 || go install github.com/terraform-linters/tflint@v0.38.1
 
 .PHONY: build
 build: install generate

diff --git a/README.md b/README.md
diff --git a/go.mod b/go.mod
@@ -1,8 +1,5 @@
 module github.com/azure/terraform-azurerm-naming
 
-go 1.13
+go 1.18
 
-require (
-	github.com/liamg/tfsec v0.21.0 // indirect
-	github.com/terraform-linters/tflint v0.16.2 // indirect
-)
+require golang.org/x/text v0.3.7 // indirect
diff --git a/go.sum b/go.sum
diff --git a/main.go b/main.go
@@ -7,7 +7,11 @@ import (
 	"os"
 	"regexp"
 	"sort"
+	"strings"
 	"text/template"
+
+	"golang.org/x/text/cases"
+	"golang.org/x/text/language"
 )
 
 // Resource definition for the package
@@ -35,12 +39,15 @@ func main() {
 	for i, file := range files {
 		fileNames[i] = "templates/" + file.Name()
 	}
+	caser := cases.Title(language.AmericanEnglish)
 	parsedTemplate, err := template.New("templates").Funcs(template.FuncMap{
 		// Terraform not yet support lookahead in their regex function
 		"cleanRegex": func(dirtyString string) string {
 			var re = regexp.MustCompile(`(?m)\(\?=.{\d+,\d+}\$\)|\(\?!\.\*--\)`)
 			return re.ReplaceAllString(dirtyString, "")
 		},
+		"replace": strings.ReplaceAll,
+		"title":   caser.String,
 	}).ParseFiles(fileNames...)
 	if err != nil {
 		log.Fatal(err)

diff --git a/main.tf b/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     random = {
       source  = "hashicorp/random"
-      version = "~> 3.1.0"
+      version = ">= 3.3.2"
     }
   }
 }
@@ -11,16 +11,18 @@ resource "random_string" "main" {
   length  = 60
   special = false
   upper   = false
-  number  = var.unique-include-numbers
+  numeric = var.unique-include-numbers
 }
 
 resource "random_string" "first_letter" {
   length  = 1
   special = false
   upper   = false
-  number  = false
+  numeric = false
 }
 
+
+
 locals {
   // adding a first letter to guarantee that you always start with a letter
   random_safe_generation = join("", [random_string.first_letter.result, random_string.main.result])
@@ -2144,16 +2146,6 @@ locals {
       scope       = "parent"
       regex       = "^[a-zA-Z0-9][a-zA-Z0-9-._]+[a-zA-Z0-9_]$"
     }
-    synapse_workspace = {
-      name        = substr(join("", compact([local.prefix_safe, "syn", local.suffix_safe])), 0, 45)
-      name_unique = substr(join("", compact([local.prefix_safe, "syn", local.suffix_unique_safe])), 0, 45)
-      dashes      = false
-      slug        = "syn"
-      min_length  = 1
-      max_length  = 45
-      scope       = "global"
-      regex       = "^[a-z0-9]+$"
-    }
     template_deployment = {
       name        = substr(join("-", compact([local.prefix, "deploy", local.suffix])), 0, 64)
       name_unique = substr(join("-", compact([local.prefix, "deploy", local.suffix_unique])), 0, 64)
@@ -2942,6 +2934,10 @@ locals {
       valid_name        = length(regexall(local.az.public_ip_prefix.regex, local.az.public_ip_prefix.name)) > 0 && length(local.az.public_ip_prefix.name) > local.az.public_ip_prefix.min_length
       valid_name_unique = length(regexall(local.az.public_ip_prefix.regex, local.az.public_ip_prefix.name_unique)) > 0
     }
+    recovery_services_vault = {
+      valid_name        = length(regexall(local.az.recovery_services_vault.regex, local.az.recovery_services_vault.name)) > 0 && length(local.az.recovery_services_vault.name) > local.az.recovery_services_vault.min_length
+      valid_name_unique = length(regexall(local.az.recovery_services_vault.regex, local.az.recovery_services_vault.name_unique)) > 0
+    }
     redis_cache = {
       valid_name        = length(regexall(local.az.redis_cache.regex, local.az.redis_cache.name)) > 0 && length(local.az.redis_cache.name) > local.az.redis_cache.min_length
       valid_name_unique = length(regexall(local.az.redis_cache.regex, local.az.redis_cache.name_unique)) > 0