func()

in internal/resources/providers/awslib/s3/provider.go [61:121]


// DescribeBuckets lists S3 buckets with the default-region client and returns
// one BucketDescription for every bucket in the mapping produced by
// getBucketsRegionMapping.
//
// An error is returned only when the default client cannot be selected or the
// ListBuckets call fails. All other lookups (the account-level public access
// block and the per-bucket encryption, policy, versioning and public access
// block) are best effort: a failure is logged and the bucket is still
// described with whatever value the failing getter returned.
//
// NOTE(review): from this function alone, a consumer of BucketDescription
// cannot tell "lookup failed" (for example a permissions error) from "setting
// not configured" unless the getters return a distinguishing value. Confirm
// that downstream evaluation treats a failed lookup as unknown rather than as
// a pass or a fail.
func (p Provider) DescribeBuckets(ctx context.Context) ([]awslib.AwsResource, error) {
	client, err := awslib.GetDefaultClient(p.clients)
	if err != nil {
		return nil, fmt.Errorf("could not select default region client: %w", err)
	}

	listing, err := client.ListBuckets(ctx, &s3Client.ListBucketsInput{})
	if err != nil {
		p.log.Errorf("Could not list s3 buckets: %v", err)
		return nil, err
	}

	// Nothing to describe: skip the account-level lookup entirely.
	if len(listing.Buckets) == 0 {
		return nil, nil
	}

	// The account-level public access block is fetched once and attached to
	// every bucket. On failure the error is only logged, so each description
	// carries the value returned alongside that error.
	accountBlock, accountBlockErr := p.getAccountPublicAccessBlock(ctx)
	if accountBlockErr != nil {
		p.log.Errorf("Could not get account public access block configuration. Err: %v", accountBlockErr)
	}

	var descriptions []awslib.AwsResource

	for region, regionBuckets := range p.getBucketsRegionMapping(ctx, listing.Buckets) {
		for _, b := range regionBuckets {
			// None of the four lookups below is fatal: each failure is logged
			// and the bucket is still reported.
			// NOTE(review): b.Name is dereferenced in the log calls and in the
			// struct literal; this assumes the listing never yields a nil Name.
			algorithm, algorithmErr := p.getBucketEncryptionAlgorithm(ctx, b.Name, region)
			if algorithmErr != nil {
				p.log.Errorf("Could not get encryption for bucket %s. Error: %v", *b.Name, algorithmErr)
			}

			policy, policyErr := p.GetBucketPolicy(ctx, b.Name, region)
			if policyErr != nil {
				p.log.Errorf("Could not get bucket policy for bucket %s. Error: %v", *b.Name, policyErr)
			}

			versioning, versioningErr := p.getBucketVersioning(ctx, b.Name, region)
			if versioningErr != nil {
				p.log.Errorf("Could not get bucket versioning for bucket %s. Err: %v", *b.Name, versioningErr)
			}

			bucketBlock, bucketBlockErr := p.getPublicAccessBlock(ctx, b.Name, region)
			if bucketBlockErr != nil {
				p.log.Errorf("Could not get public access block configuration for bucket %s. Err: %v", *b.Name, bucketBlockErr)
			}

			description := BucketDescription{
				Name:                                  *b.Name,
				SSEAlgorithm:                          algorithm,
				BucketPolicy:                          policy,
				BucketVersioning:                      versioning,
				PublicAccessBlockConfiguration:        bucketBlock,
				AccountPublicAccessBlockConfiguration: accountBlock,
				Region:                                region,
			}
			descriptions = append(descriptions, description)
		}
	}

	return descriptions, nil
}