Skip to content

[Enhancement]: Add semgrep rule for missing err checks following a NotFound checkΒ #30069

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
[Enhancement]: Add semgrep rule for missing err checks following a NotFound check#30069
Labels
enhancementRequests to existing resources that expand the functionality or scope.linterPertains to changes to or issues with the various linters.
@jar-b

Description

@jar-b
jar-b
opened on Mar 16, 2023

Description

To avoid unintentionally allowing errors and nil SDK output values to pass through CRUD handlers, we should add a semgrep rule ensuring an if err != nil check is always present following a "NotFound" error check. For example, the following missing error check caused the crash from #30068:

	outputRaw, err := tfresource.RetryWhenNewResourceNotFound(ctx, propagationTimeout, func() (interface{}, error) {
		return FindRepositoryByName(ctx, conn, d.Id())
	}, d.IsNewResource())

	if !d.IsNewResource() && tfresource.NotFound(err) {
		log.Printf("[WARN] ECR Repository (%s) not found, removing from state", d.Id())
		d.SetId("")
		return diags
	}

	repository := outputRaw.(*ecr.Repository)

References

Relates #30067
Relates #30068

Would you like to implement a fix?

None

Metadata

Assignees

No one assigned

    Labels

    enhancementRequests to existing resources that expand the functionality or scope.linterPertains to changes to or issues with the various linters.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions