Merge pull request hashicorp#13142 from terraform-providers/ap_panic_…

…linting

enabled R009 linting rule and fixed affected resources

GNUmakefile

@@ -75,6 +75,7 @@ lint:
 		-R006 \
 		-R007 \
 		-R008 \
+		-R009 \
 		-R012 \
 		-R013 \
 		-R014 \

aws/data_source_aws_iam_policy_document.go

@@ -2,6 +2,7 @@ package aws
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"strconv"
 	"strings"
@@ -242,7 +243,7 @@ func dataSourceAwsIamPolicyDocumentReplaceVarsInList(in interface{}, version str
 		}
 		return out, nil
 	default:
-		panic("dataSourceAwsIamPolicyDocumentReplaceVarsInList: input not string nor []string")
+		return nil, errors.New("dataSourceAwsIamPolicyDocumentReplaceVarsInList: input not string nor []string")
 	}
 }
 

aws/iam_policy_model.go

@@ -175,7 +175,7 @@ func (cs IAMPolicyStatementConditionSet) MarshalJSON() ([]byte, error) {
 		case string:
 			raw[c.Test][c.Variable] = i
 		default:
-			panic("Unsupported data type for IAMPolicyStatementConditionSet")
+			return nil, fmt.Errorf("Unsupported data type for IAMPolicyStatementConditionSet: %s", i)
 		}
 	}
 

aws/opsworks_layers.go

@@ -320,7 +320,10 @@ func (lt *opsworksLayerType) Read(d *schema.ResourceData, client *opsworks.OpsWo
 		d.Set("custom_json", policy)
 	}
 
-	lt.SetAttributeMap(d, layer.Attributes)
+	err = lt.SetAttributeMap(d, layer.Attributes)
+	if err != nil {
+		return err
+	}
 	lt.SetLifecycleEventConfiguration(d, layer.LifecycleEventConfiguration)
 	lt.SetCustomRecipes(d, layer.CustomRecipes)
 	lt.SetVolumeConfigurations(d, layer.VolumeConfigurations)
@@ -363,6 +366,10 @@ func (lt *opsworksLayerType) Read(d *schema.ResourceData, client *opsworks.OpsWo
 func (lt *opsworksLayerType) Create(d *schema.ResourceData, client *opsworks.OpsWorks, meta interface{}) error {
 	ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig
 
+	attributes, err := lt.AttributeMap(d)
+	if err != nil {
+		return err
+	}
 	req := &opsworks.CreateLayerInput{
 		AutoAssignElasticIps:        aws.Bool(d.Get("auto_assign_elastic_ips").(bool)),
 		AutoAssignPublicIps:         aws.Bool(d.Get("auto_assign_public_ips").(bool)),
@@ -377,7 +384,7 @@ func (lt *opsworksLayerType) Create(d *schema.ResourceData, client *opsworks.Ops
 		Type:                        aws.String(lt.TypeName),
 		StackId:                     aws.String(d.Get("stack_id").(string)),
 		UseEbsOptimizedInstances:    aws.Bool(d.Get("use_ebs_optimized_instances").(bool)),
-		Attributes:                  lt.AttributeMap(d),
+		Attributes:                  attributes,
 		VolumeConfigurations:        lt.VolumeConfigurations(d),
 	}
 
@@ -429,7 +436,10 @@ func (lt *opsworksLayerType) Create(d *schema.ResourceData, client *opsworks.Ops
 }
 
 func (lt *opsworksLayerType) Update(d *schema.ResourceData, client *opsworks.OpsWorks, ignoreTagsConfig *keyvaluetags.IgnoreConfig) error {
-
+	attributes, err := lt.AttributeMap(d)
+	if err != nil {
+		return err
+	}
 	req := &opsworks.UpdateLayerInput{
 		LayerId:                     aws.String(d.Id()),
 		AutoAssignElasticIps:        aws.Bool(d.Get("auto_assign_elastic_ips").(bool)),
@@ -443,7 +453,7 @@ func (lt *opsworksLayerType) Update(d *schema.ResourceData, client *opsworks.Ops
 		Name:                        aws.String(d.Get("name").(string)),
 		Packages:                    expandStringSet(d.Get("system_packages").(*schema.Set)),
 		UseEbsOptimizedInstances:    aws.Bool(d.Get("use_ebs_optimized_instances").(bool)),
-		Attributes:                  lt.AttributeMap(d),
+		Attributes:                  attributes,
 		VolumeConfigurations:        lt.VolumeConfigurations(d),
 	}
 
@@ -486,7 +496,7 @@ func (lt *opsworksLayerType) Update(d *schema.ResourceData, client *opsworks.Ops
 		}
 	}
 
-	_, err := client.UpdateLayer(req)
+	_, err = client.UpdateLayer(req)
 	if err != nil {
 		return err
 	}
@@ -514,7 +524,7 @@ func (lt *opsworksLayerType) Delete(d *schema.ResourceData, client *opsworks.Ops
 	return err
 }
 
-func (lt *opsworksLayerType) AttributeMap(d *schema.ResourceData) map[string]*string {
+func (lt *opsworksLayerType) AttributeMap(d *schema.ResourceData) (map[string]*string, error) {
 	attrs := map[string]*string{}
 
 	for key, def := range lt.Attributes {
@@ -536,14 +546,14 @@ func (lt *opsworksLayerType) AttributeMap(d *schema.ResourceData) map[string]*st
 			}
 		default:
 			// should never happen
-			panic(fmt.Errorf("Unsupported OpsWorks layer attribute type"))
+			return nil, fmt.Errorf("Unsupported OpsWorks layer attribute type: %s", def.Type)
 		}
 	}
 
-	return attrs
+	return attrs, nil
 }
 
-func (lt *opsworksLayerType) SetAttributeMap(d *schema.ResourceData, attrs map[string]*string) {
+func (lt *opsworksLayerType) SetAttributeMap(d *schema.ResourceData, attrs map[string]*string) error {
 	for key, def := range lt.Attributes {
 		// Ignore write-only attributes; we'll just keep what we already have stored.
 		// (The AWS API returns garbage placeholder values for these.)
@@ -573,14 +583,15 @@ func (lt *opsworksLayerType) SetAttributeMap(d *schema.ResourceData, attrs map[s
 				d.Set(key, boolValue)
 			default:
 				// should never happen
-				panic(fmt.Errorf("Unsupported OpsWorks layer attribute type"))
+				return fmt.Errorf("Unsupported OpsWorks layer attribute type: %s", def.Type)
 			}
-			return
+			return nil
 
 		} else {
 			d.Set(key, nil)
 		}
 	}
+	return nil
 }
 
 func (lt *opsworksLayerType) LifecycleEventConfiguration(d *schema.ResourceData) *opsworks.LifecycleEventConfiguration {

aws/resource_aws_iam_user_login_profile.go

@@ -3,6 +3,7 @@ package aws
 import (
 	"bytes"
 	"crypto/rand"
+	"errors"
 	"fmt"
 	"log"
 	"math/big"
@@ -76,7 +77,7 @@ const (
 
 // generateIAMPassword generates a random password of a given length, matching the
 // most restrictive iam password policy.
-func generateIAMPassword(length int) string {
+func generateIAMPassword(length int) (string, error) {
 	const charset = charLower + charUpper + charNumbers + charSymbols
 
 	result := make([]byte, length)
@@ -93,10 +94,10 @@ func generateIAMPassword(length int) string {
 		for i := range result {
 			r, err := rand.Int(rand.Reader, charsetSize)
 			if err != nil {
-				panic(err)
+				return "", err
 			}
 			if !r.IsInt64() {
-				panic("rand.Int() not representable as an Int64")
+				return "", errors.New("rand.Int() not representable as an Int64")
 			}
 
 			result[i] = charset[r.Int64()]
@@ -106,10 +107,10 @@ func generateIAMPassword(length int) string {
 			continue
 		}
 
-		return string(result)
+		return string(result), nil
 	}
 
-	panic("failed to generate acceptable password")
+	return "", errors.New("failed to generate acceptable password")
 }
 
 // Check the generated password contains all character classes listed in the
@@ -132,7 +133,10 @@ func resourceAwsIamUserLoginProfileCreate(d *schema.ResourceData, meta interface
 
 	passwordResetRequired := d.Get("password_reset_required").(bool)
 	passwordLength := d.Get("password_length").(int)
-	initialPassword := generateIAMPassword(passwordLength)
+	initialPassword, err := generateIAMPassword(passwordLength)
+	if err != nil {
+		return err
+	}
 
 	fingerprint, encrypted, err := encryption.EncryptValue(encryptionKey, initialPassword, "Password")
 	if err != nil {

aws/resource_aws_iam_user_login_profile_test.go

@@ -19,12 +19,18 @@ import (
 )
 
 func TestGenerateIAMPassword(t *testing.T) {
-	p := generateIAMPassword(6)
+	p, err := generateIAMPassword(6)
+	if err != nil {
+		t.Fatalf(err.Error())
+	}
 	if len(p) != 6 {
 		t.Fatalf("expected a 6 character password, got: %q", p)
 	}
 
-	p = generateIAMPassword(128)
+	p, err = generateIAMPassword(128)
+	if err != nil {
+		t.Fatalf(err.Error())
+	}
 	if len(p) != 128 {
 		t.Fatalf("expected a 128 character password, got: %q", p)
 	}
@@ -257,9 +263,13 @@ func testDecryptPasswordAndTest(nProfile, nAccessKey, key string) resource.TestC
 
 		return resource.Retry(2*time.Minute, func() *resource.RetryError {
 			iamAsCreatedUser := iam.New(iamAsCreatedUserSession)
+			newPassword, err := generateIAMPassword(20)
+			if err != nil {
+				return resource.NonRetryableError(err)
+			}
 			_, err = iamAsCreatedUser.ChangePassword(&iam.ChangePasswordInput{
 				OldPassword: aws.String(decryptedPassword.String()),
-				NewPassword: aws.String(generateIAMPassword(20)),
+				NewPassword: aws.String(newPassword),
 			})
 			if err != nil {
 				// EntityTemporarilyUnmodifiable: Login Profile for User XXX cannot be modified while login profile is being created.

aws/resource_aws_iam_user_test.go

@@ -742,9 +742,12 @@ func testAccCheckAWSUserCreatesAccessKey(getUserOutput *iam.GetUserOutput) resou
 func testAccCheckAWSUserCreatesLoginProfile(getUserOutput *iam.GetUserOutput) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		iamconn := testAccProvider.Meta().(*AWSClient).iamconn
-
+		password, err := generateIAMPassword(32)
+		if err != nil {
+			return err
+		}
 		input := &iam.CreateLoginProfileInput{
-			Password: aws.String(generateIAMPassword(32)),
+			Password: aws.String(password),
 			UserName: getUserOutput.User.UserName,
 		}
 

aws/resource_aws_opsworks_application.go

@@ -293,8 +293,14 @@ func resourceAwsOpsworksApplicationRead(d *schema.ResourceData, meta interface{}
 	d.Set("description", app.Description)
 	d.Set("domains", flattenStringList(app.Domains))
 	d.Set("enable_ssl", app.EnableSsl)
-	resourceAwsOpsworksSetApplicationSsl(d, app.SslConfiguration)
-	resourceAwsOpsworksSetApplicationSource(d, app.AppSource)
+	err = resourceAwsOpsworksSetApplicationSsl(d, app.SslConfiguration)
+	if err != nil {
+		return err
+	}
+	err = resourceAwsOpsworksSetApplicationSource(d, app.AppSource)
+	if err != nil {
+		return err
+	}
 	resourceAwsOpsworksSetApplicationDataSources(d, app.DataSources)
 	resourceAwsOpsworksSetApplicationEnvironmentVariable(d, app.Environment)
 	resourceAwsOpsworksSetApplicationAttributes(d, app.Attributes)
@@ -446,7 +452,7 @@ func resourceAwsOpsworksApplicationSource(d *schema.ResourceData) *opsworks.Sour
 	}
 }
 
-func resourceAwsOpsworksSetApplicationSource(d *schema.ResourceData, v *opsworks.Source) {
+func resourceAwsOpsworksSetApplicationSource(d *schema.ResourceData, v *opsworks.Source) error {
 	nv := make([]interface{}, 0, 1)
 	if v != nil {
 		m := make(map[string]interface{})
@@ -475,8 +481,9 @@ func resourceAwsOpsworksSetApplicationSource(d *schema.ResourceData, v *opsworks
 	err := d.Set("app_source", nv)
 	if err != nil {
 		// should never happen
-		panic(err)
+		return err
 	}
+	return nil
 }
 
 func resourceAwsOpsworksApplicationDataSources(d *schema.ResourceData) []*opsworks.DataSource {
@@ -523,7 +530,7 @@ func resourceAwsOpsworksApplicationSsl(d *schema.ResourceData) *opsworks.SslConf
 	}
 }
 
-func resourceAwsOpsworksSetApplicationSsl(d *schema.ResourceData, v *opsworks.SslConfiguration) {
+func resourceAwsOpsworksSetApplicationSsl(d *schema.ResourceData, v *opsworks.SslConfiguration) error {
 	nv := make([]interface{}, 0, 1)
 	set := false
 	if v != nil {
@@ -548,8 +555,9 @@ func resourceAwsOpsworksSetApplicationSsl(d *schema.ResourceData, v *opsworks.Ss
 	err := d.Set("ssl_configuration", nv)
 	if err != nil {
 		// should never happen
-		panic(err)
+		return err
 	}
+	return nil
 }
 
 func resourceAwsOpsworksApplicationAttributes(d *schema.ResourceData) map[string]*string {

aws/resource_aws_opsworks_stack.go

@@ -235,7 +235,7 @@ func resourceAwsOpsworksStackCustomCookbooksSource(d *schema.ResourceData) *opsw
 	}
 }
 
-func resourceAwsOpsworksSetStackCustomCookbooksSource(d *schema.ResourceData, v *opsworks.Source) {
+func resourceAwsOpsworksSetStackCustomCookbooksSource(d *schema.ResourceData, v *opsworks.Source) error {
 	nv := make([]interface{}, 0, 1)
 	if v != nil && v.Type != nil && *v.Type != "" {
 		m := make(map[string]interface{})
@@ -264,8 +264,9 @@ func resourceAwsOpsworksSetStackCustomCookbooksSource(d *schema.ResourceData, v
 	err := d.Set("custom_cookbooks_source", nv)
 	if err != nil {
 		// should never happen
-		panic(err)
+		return err
 	}
+	return nil
 }
 
 func resourceAwsOpsworksStackRead(d *schema.ResourceData, meta interface{}) error {
@@ -368,7 +369,10 @@ func resourceAwsOpsworksStackRead(d *schema.ResourceData, meta interface{}) erro
 		d.Set("berkshelf_version", stack.ChefConfiguration.BerkshelfVersion)
 		d.Set("manage_berkshelf", stack.ChefConfiguration.ManageBerkshelf)
 	}
-	resourceAwsOpsworksSetStackCustomCookbooksSource(d, stack.CustomCookbooksSource)
+	err := resourceAwsOpsworksSetStackCustomCookbooksSource(d, stack.CustomCookbooksSource)
+	if err != nil {
+		return err
+	}
 
 	tags, err := keyvaluetags.OpsworksListTags(client, arn)
 

aws/resource_aws_security_group_rule.go

@@ -455,6 +455,7 @@ func (b ByGroupPair) Less(i, j int) bool {
 		return *b[i].GroupName < *b[j].GroupName
 	}
 
+	//lintignore:R009
 	panic("mismatched security group rules, may be a terraform bug")
 }