feat: resolved lint errors

Infisical · May 27, 2024 · 306e62c · 306e62c
1 parent 2654cf7
commit 306e62c
Show file tree

Hide file tree

Showing 11 changed files with 117 additions and 66 deletions.
diff --git a/internal/client/model.go b/internal/client/model.go
@@ -99,7 +99,7 @@ type ProjectIdentitySpecificPrivilege struct {
 	TemporaryRange           string    `json:"temporaryRange"`
 	TemporaryAccessStartTime time.Time `json:"temporaryAccessStartTime"`
 	TemporaryAccessEndTime   time.Time `json:"temporaryAccessEndTime"`
-	// because permission can have multiple structure
+	// because permission can have multiple structure.
 	Permissions []map[string]any
 	CreatedAt   time.Time `json:"createdAt"`
 	UpdatedAt   time.Time `json:"updatedAt"`
@@ -109,7 +109,7 @@ type ProjectRole struct {
 	ID          string `json:"id"`
 	Name        string `json:"name"`
 	Description string `json:"description"`
-	// because permission can have multiple structure
+	// because permission can have multiple structure.
 	Permissions []map[string]any
 }
 
@@ -193,12 +193,12 @@ type SingleEnvironmentVariable struct {
 	Comment string `json:"comment"`
 }
 
-// Workspace key request
+// Workspace key request.
 type GetEncryptedWorkspaceKeyRequest struct {
 	WorkspaceId string `json:"workspaceId"`
 }
 
-// Workspace key response
+// Workspace key response.
 type GetEncryptedWorkspaceKeyResponse struct {
 	ID           string `json:"_id"`
 	EncryptedKey string `json:"encryptedKey"`
@@ -221,7 +221,7 @@ type GetEncryptedWorkspaceKeyResponse struct {
 	UpdatedAt time.Time `json:"updatedAt"`
 }
 
-// encrypted secret
+// encrypted secret.
 type EncryptedSecret struct {
 	SecretName              string `json:"secretName"`
 	WorkspaceID             string `json:"workspaceId"`
@@ -239,7 +239,7 @@ type EncryptedSecret struct {
 	SecretPath              string `json:"secretPath"`
 }
 
-// create secrets
+// create secrets.
 type CreateSecretV3Request struct {
 	SecretName              string `json:"secretName"`
 	WorkspaceID             string `json:"workspaceId"`
@@ -257,7 +257,7 @@ type CreateSecretV3Request struct {
 	SecretPath              string `json:"secretPath"`
 }
 
-// delete secret by name api
+// delete secret by name api.
 type DeleteSecretV3Request struct {
 	SecretName  string `json:"secretName"`
 	WorkspaceId string `json:"workspaceId"`
@@ -266,7 +266,7 @@ type DeleteSecretV3Request struct {
 	SecretPath  string `json:"secretPath"`
 }
 
-// update secret by name api
+// update secret by name api.
 type UpdateSecretByNameV3Request struct {
 	SecretName            string `json:"secretName"`
 	WorkspaceID           string `json:"workspaceId"`
@@ -278,7 +278,7 @@ type UpdateSecretByNameV3Request struct {
 	SecretValueTag        string `json:"secretValueTag"`
 }
 
-// get secret by name api
+// get secret by name api.
 type GetSingleSecretByNameV3Request struct {
 	SecretName  string `json:"secretName"`
 	WorkspaceId string `json:"workspaceId"`
@@ -315,7 +315,7 @@ type GetSingleRawSecretByNameSecretResponse struct {
 	Secret RawV3Secret `json:"secret"`
 }
 
-// create secrets
+// create secrets.
 type CreateRawSecretV3Request struct {
 	WorkspaceID   string `json:"workspaceId"`
 	Type          string `json:"type"`
@@ -334,7 +334,7 @@ type DeleteRawSecretV3Request struct {
 	SecretPath  string `json:"secretPath"`
 }
 
-// update secret by name api
+// update secret by name api.
 type UpdateRawSecretByNameV3Request struct {
 	SecretName  string `json:"secretName"`
 	WorkspaceID string `json:"workspaceId"`
@@ -423,7 +423,7 @@ type DeleteProjectUserResponseMembers struct {
 	UserId string `json:"userId"`
 }
 
-// identity
+// identity.
 type CreateProjectIdentityRequest struct {
 	ProjectID  string                              `json:"projectId"`
 	IdentityID string                              `json:"identityId"`

diff --git a/internal/client/secrets.go b/internal/client/secrets.go
@@ -228,7 +228,6 @@ func (client Client) GetSingleRawSecretByNameV3(request GetSingleSecretByNameV3R
 	return secretsResponse, nil
 }
 
-
 func (client Client) GetPlainTextSecretsViaServiceToken(secretFolderPath string, envSlug string) ([]SingleEnvironmentVariable, *GetServiceTokenDetailsResponse, error) {
 	if client.Config.ServiceToken == "" {
 		return nil, nil, fmt.Errorf("service token must be defined to fetch secrets")
@@ -301,7 +300,6 @@ func (client Client) GetRawSecrets(secretFolderPath string, envSlug string, work
 
 }
 
-
 func GetPlainTextSecrets(key []byte, encryptedSecrets GetEncryptedSecretsV3Response) ([]SingleEnvironmentVariable, error) {
 	plainTextSecrets := []SingleEnvironmentVariable{}
 	for _, secret := range encryptedSecrets.Secrets {
@@ -365,7 +363,7 @@ func GetPlainTextSecrets(key []byte, encryptedSecrets GetEncryptedSecretsV3Respo
 		plainTextSecret := SingleEnvironmentVariable{
 			Key:     string(plainTextKey),
 			Value:   string(plainTextValue),
-			Type:    string(secret.Type),
+			Type:    secret.Type,
 			ID:      secret.ID,
 			Tags:    secret.Tags,
 			Comment: string(plainTextComment),

diff --git a/internal/crypto/crypto.go b/internal/crypto/crypto.go
@@ -9,9 +9,9 @@ import (
 	"golang.org/x/crypto/nacl/box"
 )
 
-// will decrypt cipher text to plain text using iv and tag
+// will decrypt cipher text to plain text using iv and tag.
 func DecryptSymmetric(key []byte, cipherText []byte, tag []byte, iv []byte) ([]byte, error) {
-	// Case: empty string
+	// Case: empty string.
 	if len(cipherText) == 0 && len(tag) == 0 && len(iv) == 0 {
 		return []byte{}, nil
 	}
@@ -27,7 +27,7 @@ func DecryptSymmetric(key []byte, cipherText []byte, tag []byte, iv []byte) ([]b
 	}
 
 	var nonce = iv
-	var ciphertext = append(cipherText, tag...) // the aesgcm open method expects auth tag at the end of the cipher text
+	var ciphertext = append(cipherText, tag...) // the aesgcm open method expects auth tag at the end of the cipher text.
 
 	plaintext, err := aesgcm.Open(nil, nonce, ciphertext, nil)
 	if err != nil {
@@ -38,12 +38,12 @@ func DecryptSymmetric(key []byte, cipherText []byte, tag []byte, iv []byte) ([]b
 }
 
 func GenerateNewKey() (newKey []byte, keyErr error) {
-	key := make([]byte, 16) // block size defaults to 16 so this is fine
+	key := make([]byte, 16) // block size defaults to 16 so this is fine.
 	_, err := rand.Read(key)
 	return key, err
 }
 
-// Will encrypt a plain text with the provided key
+// Will encrypt a plain text with the provided key.
 func EncryptSymmetric(plaintext []byte, key []byte) (result SymmetricEncryptionResult, err error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
@@ -63,7 +63,7 @@ func EncryptSymmetric(plaintext []byte, key []byte) (result SymmetricEncryptionR
 
 	ciphertext := aesgcm.Seal(nil, nonce, plaintext, nil)
 
-	ciphertextOnly := ciphertext[:len(ciphertext)-16] // combines the auth tag with the cipher text so we need to extract it
+	ciphertextOnly := ciphertext[:len(ciphertext)-16] // combines the auth tag with the cipher text so we need to extract it.
 
 	authTag := ciphertext[len(ciphertext)-16:]
 

diff --git a/internal/provider/datasource/projects_data_source.go b/internal/provider/datasource/projects_data_source.go
@@ -1,7 +1,7 @@
 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0
 
-package datasource 
+package datasource
 
 import (
 	"context"

diff --git a/internal/provider/datasource/secrets_data_source.go b/internal/provider/datasource/secrets_data_source.go
@@ -1,7 +1,7 @@
 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0
 
-package datasource 
+package datasource
 
 import (
 	"context"

diff --git a/internal/provider/provider_test.go b/internal/provider/provider_test.go
diff --git a/internal/provider/resource/project_identity_resource.go b/internal/provider/resource/project_identity_resource.go
@@ -128,7 +128,7 @@ func (r *ProjectIdentityResource) Schema(_ context.Context, _ resource.SchemaReq
 							Computed:    true,
 						},
 						"temporary_range": schema.StringAttribute{
-							Description: "TTL for the temporay time. Eg: 1m, 1h, 1d",
+							Description: "TTL for the temporary time. Eg: 1m, 1h, 1d",
 							Optional:    true,
 							Computed:    true,
 						},

diff --git a/internal/provider/resource/project_identity_specific_privilege.go b/internal/provider/resource/project_identity_specific_privilege.go
@@ -100,7 +100,7 @@ func (r *projectIdentitySpecificPrivilegeResourceResource) Schema(_ context.Cont
 				Computed:    true,
 			},
 			"temporary_range": schema.StringAttribute{
-				Description: "TTL for the temporay time. Eg: 1m, 1h, 1d",
+				Description: "TTL for the temporary time. Eg: 1m, 1h, 1d",
 				Optional:    true,
 				Computed:    true,
 			},
@@ -340,20 +340,59 @@ func (r *projectIdentitySpecificPrivilegeResourceResource) Read(ctx context.Cont
 	for _, el := range projectIdentitySpecificPrivilegeResource.Privilege.Permissions {
 		action, isValid := el["action"].(string)
 		if el["action"] != nil && !isValid {
-			action = el["action"].([]any)[0].(string)
+			action, isValid = el["action"].([]any)[0].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project identity specific privilege",
+					"Couldn't read project identity specific privilege from Infiscial, invalid action field in permission",
+				)
+				return
+			}
 		}
 
 		subject, isValid := el["subject"].(string)
 		if el["subject"] != nil && !isValid {
-			subject = el["subject"].([]any)[0].(string)
+			subject, isValid = el["subject"].([]any)[0].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project identity specific privilege",
+					"Couldn't read project identity specific privilege from Infiscial, invalid subject field in permission",
+				)
+				return
+			}
+		}
+
+		conditions, isValid := el["conditions"].(map[string]any)
+		if !isValid {
+			resp.Diagnostics.AddError(
+				"Error reading project identity specific privilege",
+				"Couldn't read project identity specific privilege from Infiscial, invalid conditions field in permission",
+			)
+			return
 		}
 
-		conditions := el["conditions"].(map[string]any)
 		planPermissionActions = append(planPermissionActions, types.StringValue(action))
-		planPermissionEnvironment = types.StringValue(conditions["environment"].(string))
+		environment, isValid := conditions["environment"].(string)
+		if !isValid {
+			resp.Diagnostics.AddError(
+				"Error reading project identity specific privilege",
+				"Couldn't read project identity specific privilege from Infiscial, invalid environment field in permission",
+			)
+			return
+		}
+		planPermissionEnvironment = types.StringValue(environment)
+
 		planPermissionSubject = types.StringValue(subject)
 		if val, isValid := conditions["secretPath"].(map[string]any); isValid {
-			planPermissionSecretPath = types.StringValue(val["$glob"].(string))
+			secretPath, isValid := val["$glob"].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project identity specific privilege",
+					"Couldn't read project identity specific privilege from Infiscial, invalid secret path field in permission",
+				)
+				return
+			}
+			planPermissionSecretPath = types.StringValue(secretPath)
 		}
 	}
 

diff --git a/internal/provider/resource/project_role.go → ...rovider/resource/project_role_resource.go b/internal/provider/resource/project_role.go → ...rovider/resource/project_role_resource.go
@@ -244,19 +244,57 @@ func (r *projectRoleResource) Read(ctx context.Context, req resource.ReadRequest
 	for _, el := range projectRole.Role.Permissions {
 		action, isValid := el["action"].(string)
 		if el["action"] != nil && !isValid {
-			action = el["action"].([]any)[0].(string)
+			action, isValid = el["action"].([]any)[0].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project role",
+					"Couldn't read project role from Infiscial, invalid action field in permission",
+				)
+				return
+			}
 		}
 
 		subject, isValid := el["subject"].(string)
 		if el["subject"] != nil && !isValid {
-			subject = el["subject"].([]any)[0].(string)
+			subject, isValid = el["subject"].([]any)[0].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project role",
+					"Couldn't read project role from Infiscial, invalid subject field in permission",
+				)
+				return
+			}
 		}
 		var secretPath, environment string
 		if el["conditions"] != nil {
-			conditions := el["conditions"].(map[string]any)
-			environment = conditions["environment"].(string)
+			conditions, isValid := el["conditions"].(map[string]any)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project role",
+					"Couldn't read project role from Infiscial, invalid conditions field in permission",
+				)
+				return
+			}
+
+			environment, isValid = conditions["environment"].(string)
+			if !isValid {
+				resp.Diagnostics.AddError(
+					"Error reading project role",
+					"Couldn't read project role from Infiscial, invalid environment field in permission",
+				)
+				return
+			}
+
+			// secret path parsing.
 			if val, isValid := conditions["secretPath"].(map[string]any); isValid {
-				secretPath = val["$glob"].(string)
+				secretPath, isValid = val["$glob"].(string)
+				if !isValid {
+					resp.Diagnostics.AddError(
+						"Error reading project role",
+						"Couldn't read project role from Infiscial, invalid secret path field in permission",
+					)
+					return
+				}
 			}
 		}
 
@@ -270,6 +308,7 @@ func (r *projectRoleResource) Read(ctx context.Context, req resource.ReadRequest
 		})
 	}
 
+	state.Permissions = permissionPlan
 	diags = resp.State.Set(ctx, state)
 	resp.Diagnostics.Append(diags...)
 	if resp.Diagnostics.HasError() {

diff --git a/internal/provider/resource/project_user_resource.go b/internal/provider/resource/project_user_resource.go
@@ -1,4 +1,4 @@
-package resource 
+package resource
 
 import (
 	"context"
@@ -134,7 +134,7 @@ func (r *ProjectUserResource) Schema(_ context.Context, _ resource.SchemaRequest
 							Computed:    true,
 						},
 						"temporary_range": schema.StringAttribute{
-							Description: "TTL for the temporay time. Eg: 1m, 1h, 1d",
+							Description: "TTL for the temporary time. Eg: 1m, 1h, 1d",
 							Optional:    true,
 							Computed:    true,
 						},