in provider/secret_descriptor.go [153:217]
// validateSecretDescriptor checks a single descriptor for internal
// consistency and returns the first problem found, or nil when all checks
// pass. The descriptor is not modified.
//
// Checks, in order:
//   - ObjectName is non-empty, and parses as an ARN when it starts with "arn:".
//   - Either ObjectType is set or ObjectName is a full ARN.
//   - The ARN service (when ObjectType is omitted) or ObjectType (when given)
//     is a key in typeMap; the literal objectType "ssm" is rejected.
//   - When both are given, ObjectType and the ARN service map to the same
//     typeMap value.
//   - An SSM parameter does not set both ObjectVersion and ObjectVersionLabel.
//   - The name returned by GetFileName does not match badPathRE.
//   - Every JMESPath entry has a Path and an ObjectAlias.
func (p *SecretDescriptor) validateSecretDescriptor() error {
	if p.ObjectName == "" {
		return fmt.Errorf("Object name must be specified")
	}

	// ObjectName is treated as an ARN purely on the "arn:" prefix; anything
	// else is a plain name and is never handed to arn.Parse.
	var parsed arn.ARN
	isARN := strings.HasPrefix(p.ObjectName, "arn:")
	if isARN {
		var parseErr error
		if parsed, parseErr = arn.Parse(p.ObjectName); parseErr != nil {
			return fmt.Errorf("Invalid ARN format in object name: %s", p.ObjectName)
		}
	}

	if p.ObjectType == "" {
		// Without an explicit objectType the service has to come from a full ARN.
		if !isARN {
			return fmt.Errorf("Must use objectType when a full ARN is not specified: %s", p.ObjectName)
		}
		// The ARN's service must be one that typeMap knows about.
		if _, supported := typeMap[parsed.Service]; !supported {
			return fmt.Errorf("Invalid service in ARN: %s", parsed.Service)
		}
	} else {
		// objectType must be a typeMap key; "ssm" is rejected as an
		// objectType even if typeMap has an entry for it.
		declared, supported := typeMap[p.ObjectType]
		if !supported || p.ObjectType == "ssm" {
			return fmt.Errorf("Invalid objectType: %s", p.ObjectType)
		}
		// When an ARN is supplied as well, both must resolve to the same type.
		if isARN && declared != typeMap[parsed.Service] {
			return fmt.Errorf("objectType does not match ARN: %s", p.ObjectName)
		}
	}

	// For SSM parameters objectVersion and objectVersionLabel are mutually exclusive.
	if p.GetSecretType() == SSMParameter && p.ObjectVersion != "" && p.ObjectVersionLabel != "" {
		return fmt.Errorf("ssm parameters can not specify both objectVersion and objectVersionLabel: %s", p.ObjectName)
	}

	// Path traversal guard: refuse a file name that matches badPathRE ("../").
	// The original comment says this matters when translation is turned off;
	// GetFileName is not visible here, so presumably it applies any path
	// translation before this check runs (confirm against GetFileName).
	if badPathRE.MatchString(p.GetFileName()) {
		return fmt.Errorf("path can not contain ../: %s", p.ObjectName)
	}

	// Each JMESPath entry needs both a path and an alias. With no entries the
	// loop body never runs and validation succeeds.
	// NOTE(review): the alias is only checked for presence; badPathRE is not
	// applied to it in this function. If the alias ends up as a file name,
	// confirm it gets the same "../" check wherever that file name is built.
	for _, entry := range p.JMESPath {
		if entry.Path == "" {
			return fmt.Errorf("Path must be specified for JMES object")
		}
		if entry.ObjectAlias == "" {
			return fmt.Errorf("Object alias must be specified for JMES object")
		}
	}

	return nil
}