fix: deduplicate resources when creating policies
Codecov Report
Attention: 12 lines in your changes are missing coverage. Please review.
Comparison is base (e7935d4) 38.58% compared to head (ca8df77) 38.46%.
| Files | Patch % | Lines |
|---|---|---|
| pkg/codeconfig/uprequest.go | 0.00% | 12 Missing :warning: |
Additional details and impacted files
@@ Coverage Diff @@
## main #609 +/- ##
==========================================
- Coverage 38.58% 38.46% -0.12%
==========================================
Files 30 30
Lines 1967 1973 +6
==========================================
Hits 759 759
- Misses 1160 1166 +6
Partials 48 48
| Flag | Coverage Δ | |
|---|---|---|
| unittests | 38.46% <0.00%> (-0.12%) | :arrow_down: |
This change looks fine, just need to make sure that it deduplicates on the same level as the original implementation. The reason is that there is a policy application limit for AWS Lambda accounts that this was implemented to address, but it appears that this change may undo that.
The intention here was to ensure that all resource types that shared a common set of actions were grouped into a single policy, so in the case of something like read-only secrets we could merge them to save on IAM policy length.
e.g.
functionA:read:secret1 + functionA:read:secret2 + functionA:read:secret3 => functionA:read:secret1,secret2,secret3
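The grouping described in the comment above, as an added Go example (not the project's code; the `Policy` type and the `MergePolicies` and `uniqueSorted` helpers are hypothetical names): policies are keyed by principal plus normalized action set, and resources are deduplicated inside each group, so removing duplicates does not split one merged policy back into several.

```go
package main

import (
	"fmt"
	"sort"
)

// Policy is a hypothetical type for this example, not the project's own.
type Policy struct {
	Principal          string
	Actions, Resources []string
}

// uniqueSorted returns the distinct values of in, in sorted order.
func uniqueSorted(in []string) []string {
	s := append([]string{}, in...)
	sort.Strings(s)
	out := s[:0]
	for _, v := range s {
		if len(out) == 0 || out[len(out)-1] != v {
			out = append(out, v)
		}
	}
	return out
}

// MergePolicies keeps one policy per (principal, action set), merging and deduplicating resources.
func MergePolicies(in []Policy) []Policy {
	index := map[string]int{} // group key -> position in out
	out := []Policy{}
	for _, p := range in {
		actions := uniqueSorted(p.Actions)
		key := fmt.Sprintf("%s\x00%q", p.Principal, actions)
		i, seen := index[key]
		if !seen {
			i = len(out)
			index[key] = i
			out = append(out, Policy{Principal: p.Principal, Actions: actions})
		}
		out[i].Resources = uniqueSorted(append(out[i].Resources, p.Resources...))
	}
	return out
}

func main() {
	// Constructed input: the comment's three grants plus a repeated secret1.
	g := func(res string) Policy { return Policy{"functionA", []string{"read"}, []string{res}} }
	fmt.Println(MergePolicies([]Policy{g("secret1"), g("secret2"), g("secret3"), g("secret1")}))
}
```

Grants with a different action set or a different principal stay in their own policy, so the merge never widens what a function is allowed to do.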