Skip to content

Commit 507885e

Browse files
bendruckerbendrucker
committed
Fix \S pattern transform for backward compatibility
The Smithy models contain pattern "\S" for many string fields. This is incorrect for fields that can be 1-128 characters. The pattern "\S" literally means "exactly one non-whitespace character". The Ruby SDK generator produced "^.*\S.*$" (contains at least one non-whitespace character) for these same fields, which is the correct semantic validation. This commit fixes the pattern transform to maintain backward compatibility with the Ruby SDK behavior, affecting 59 rules across WAF, WAFRegional, WAFv2, SecurityHub, Config, and other services.
1 parent 24c37c5 commit 507885e

File tree

60 files changed

+126
-118
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+126
-118
lines changed

rules/models/aws_config_config_rule_invalid_name.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ func NewAwsConfigConfigRuleInvalidNameRule() *AwsConfigConfigRuleInvalidNameRule
2929
attributeName: "name",
3030
max: 128,
3131
min: 1,
32-
pattern: regexp.MustCompile(`^\S$`),
32+
pattern: regexp.MustCompile(`^.*\S.*$`),
3333
}
3434
}
3535

@@ -90,7 +90,7 @@ func (r *AwsConfigConfigRuleInvalidNameRule) Check(runner tflint.Runner) error {
9090
if !r.pattern.MatchString(val) {
9191
runner.EmitIssue(
9292
r,
93-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
93+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
9494
attribute.Expr.Range(),
9595
)
9696
}

rules/models/aws_config_remediation_configuration_invalid_config_rule_name.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ func NewAwsConfigRemediationConfigurationInvalidConfigRuleNameRule() *AwsConfigR
2929
attributeName: "config_rule_name",
3030
max: 128,
3131
min: 1,
32-
pattern: regexp.MustCompile(`^\S$`),
32+
pattern: regexp.MustCompile(`^.*\S.*$`),
3333
}
3434
}
3535

@@ -90,7 +90,7 @@ func (r *AwsConfigRemediationConfigurationInvalidConfigRuleNameRule) Check(runne
9090
if !r.pattern.MatchString(val) {
9191
runner.EmitIssue(
9292
r,
93-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
93+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
9494
attribute.Expr.Range(),
9595
)
9696
}

rules/models/aws_elasticache_user_invalid_access_string.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ func NewAwsElastiCacheUserInvalidAccessStringRule() *AwsElastiCacheUserInvalidAc
2525
return &AwsElastiCacheUserInvalidAccessStringRule{
2626
resourceType: "aws_elasticache_user",
2727
attributeName: "access_string",
28-
pattern: regexp.MustCompile(`^\S$`),
28+
pattern: regexp.MustCompile(`^.*\S.*$`),
2929
}
3030
}
3131

@@ -72,7 +72,7 @@ func (r *AwsElastiCacheUserInvalidAccessStringRule) Check(runner tflint.Runner)
7272
if !r.pattern.MatchString(val) {
7373
runner.EmitIssue(
7474
r,
75-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
75+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
7676
attribute.Expr.Range(),
7777
)
7878
}

rules/models/aws_gamelift_alias_invalid_name.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ func NewAwsGameliftAliasInvalidNameRule() *AwsGameliftAliasInvalidNameRule {
2929
attributeName: "name",
3030
max: 1024,
3131
min: 1,
32-
pattern: regexp.MustCompile(`^\S$`),
32+
pattern: regexp.MustCompile(`^.*\S.*$`),
3333
}
3434
}
3535

@@ -90,7 +90,7 @@ func (r *AwsGameliftAliasInvalidNameRule) Check(runner tflint.Runner) error {
9090
if !r.pattern.MatchString(val) {
9191
runner.EmitIssue(
9292
r,
93-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
93+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
9494
attribute.Expr.Range(),
9595
)
9696
}

rules/models/aws_glue_schema_invalid_schema_definition.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ func NewAwsGlueSchemaInvalidSchemaDefinitionRule() *AwsGlueSchemaInvalidSchemaDe
2929
attributeName: "schema_definition",
3030
max: 170000,
3131
min: 1,
32-
pattern: regexp.MustCompile(`^\S$`),
32+
pattern: regexp.MustCompile(`^.*\S.*$`),
3333
}
3434
}
3535

@@ -90,7 +90,7 @@ func (r *AwsGlueSchemaInvalidSchemaDefinitionRule) Check(runner tflint.Runner) e
9090
if !r.pattern.MatchString(val) {
9191
runner.EmitIssue(
9292
r,
93-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
93+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
9494
attribute.Expr.Range(),
9595
)
9696
}

rules/models/aws_lightsail_instance_invalid_blueprint_id.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBlueprintIDRule() *AwsLightsailInstanceInvali
2525
return &AwsLightsailInstanceInvalidBlueprintIDRule{
2626
resourceType: "aws_lightsail_instance",
2727
attributeName: "blueprint_id",
28-
pattern: regexp.MustCompile(`^\S$`),
28+
pattern: regexp.MustCompile(`^.*\S.*$`),
2929
}
3030
}
3131

@@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBlueprintIDRule) Check(runner tflint.Runner)
7272
if !r.pattern.MatchString(val) {
7373
runner.EmitIssue(
7474
r,
75-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
75+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
7676
attribute.Expr.Range(),
7777
)
7878
}

rules/models/aws_lightsail_instance_invalid_bundle_id.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ func NewAwsLightsailInstanceInvalidBundleIDRule() *AwsLightsailInstanceInvalidBu
2525
return &AwsLightsailInstanceInvalidBundleIDRule{
2626
resourceType: "aws_lightsail_instance",
2727
attributeName: "bundle_id",
28-
pattern: regexp.MustCompile(`^\S$`),
28+
pattern: regexp.MustCompile(`^.*\S.*$`),
2929
}
3030
}
3131

@@ -72,7 +72,7 @@ func (r *AwsLightsailInstanceInvalidBundleIDRule) Check(runner tflint.Runner) er
7272
if !r.pattern.MatchString(val) {
7373
runner.EmitIssue(
7474
r,
75-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
75+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
7676
attribute.Expr.Range(),
7777
)
7878
}

rules/models/aws_memorydb_user_invalid_access_string.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ func NewAwsMemoryDBUserInvalidAccessStringRule() *AwsMemoryDBUserInvalidAccessSt
2525
return &AwsMemoryDBUserInvalidAccessStringRule{
2626
resourceType: "aws_memorydb_user",
2727
attributeName: "access_string",
28-
pattern: regexp.MustCompile(`^\S$`),
28+
pattern: regexp.MustCompile(`^.*\S.*$`),
2929
}
3030
}
3131

@@ -72,7 +72,7 @@ func (r *AwsMemoryDBUserInvalidAccessStringRule) Check(runner tflint.Runner) err
7272
if !r.pattern.MatchString(val) {
7373
runner.EmitIssue(
7474
r,
75-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
75+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
7676
attribute.Expr.Range(),
7777
)
7878
}

rules/models/aws_networkfirewall_resource_policy_invalid_policy.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ func NewAwsNetworkfirewallResourcePolicyInvalidPolicyRule() *AwsNetworkfirewallR
2929
attributeName: "policy",
3030
max: 395000,
3131
min: 1,
32-
pattern: regexp.MustCompile(`^\S$`),
32+
pattern: regexp.MustCompile(`^.*\S.*$`),
3333
}
3434
}
3535

@@ -90,7 +90,7 @@ func (r *AwsNetworkfirewallResourcePolicyInvalidPolicyRule) Check(runner tflint.
9090
if !r.pattern.MatchString(val) {
9191
runner.EmitIssue(
9292
r,
93-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
93+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
9494
attribute.Expr.Range(),
9595
)
9696
}

rules/models/aws_securityhub_action_target_invalid_description.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ func NewAwsSecurityhubActionTargetInvalidDescriptionRule() *AwsSecurityhubAction
2525
return &AwsSecurityhubActionTargetInvalidDescriptionRule{
2626
resourceType: "aws_securityhub_action_target",
2727
attributeName: "description",
28-
pattern: regexp.MustCompile(`^\S$`),
28+
pattern: regexp.MustCompile(`^.*\S.*$`),
2929
}
3030
}
3131

@@ -72,7 +72,7 @@ func (r *AwsSecurityhubActionTargetInvalidDescriptionRule) Check(runner tflint.R
7272
if !r.pattern.MatchString(val) {
7373
runner.EmitIssue(
7474
r,
75-
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^\S$`),
75+
fmt.Sprintf(`"%s" does not match valid pattern %s`, truncateLongMessage(val), `^.*\S.*$`),
7676
attribute.Expr.Range(),
7777
)
7878
}

0 commit comments

Comments
 (0)