Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renames terraform-configuration to terraform-hcl #861

Merged
merged 1 commit into from
Feb 1, 2023
Merged

Renames terraform-configuration to terraform-hcl #861

merged 1 commit into from
Feb 1, 2023

Conversation

scottford-io
Copy link
Contributor

This PR renames terraform-configuration to terraform-hcl. The platform family will still rename terraform but now we will distinguish scans as assets between terraform-hcl, terraform-plan, and terraform-state.

Test local Terraform working directory:

~/go/bin/cnquery shell terraform ~/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform 
→ no Mondoo configuration file provided. using defaults
→ discover related assets for 1 asset(s)
→ resolved assets resolved-assets=1
  ___ _ __   __ _ _   _  ___ _ __ _   _ 
 / __| '_ \ / _` | | | |/ _ \ '__| | | |
| (__| | | | (_| | |_| |  __/ |  | |_| |
 \___|_| |_|\__, |\__,_|\___|_|   \__, |
  mondoo™      |_|                |___/  interactive shell

cnquery> asset {*}
asset: {
  kind: "code"
  build: ""
  version: ""
  title: "Terraform HCL"
  arch: ""
  labels: {}
  platform: "terraform-hcl"
  vulnerabilityReport: mondoo upstream configuration is missing
  runtime: "terraform-hcl"
  ids: [
    0: "//platformid.api.mondoo.app/runtime/terraform/hash/b9635df010d8d404a8408660502e3f93a5ec608e21ef40f507458c6b7593f939"
  ]
  name: "Terraform Static Analysis directory terraform"
  fqdn: ""
  family: []
}

Test queries

cnquery> terraform.resources
terraform.resources: [
  0: terraform.block id = terraform.block//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/1/1
  1: terraform.block id = terraform.block//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/12/1
]
cnquery> terraform.resources {*}
terraform.resources: [
  0: {
    type: "resource"
    end: terraform.fileposition id = file.position//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/1/1
    labels: [
      0: "random_pet"
      1: "name"
    ]
    nameLabel: "random_pet"
    snippet: "     1 | resource \"random_pet\" \"name\" {}
     2 | 
     3 | locals {
     4 |   team              = var.team
"
    blocks: []
    arguments: {}
    start: terraform.fileposition id = file.position//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/1/1
    attributes: {}
  }
  1: {
    type: "resource"
    end: terraform.fileposition id = file.position//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/12/1
    labels: [
      0: "google_storage_bucket"
      1: "example_storage_from_resource"
    ]
    nameLabel: "google_storage_bucket"
    snippet: "     9 | }
    10 | 
    11 | 
    12 | resource \"google_storage_bucket\" \"example_storage_from_resource\" {
    13 |   name          = \"example_resource_bucket_${random_pet.name.id}\"
    14 |   location      = var.location
    15 |   force_destroy = true
"
    blocks: []
    arguments: {
      force_destroy: true
      location: "var.location"
      name: [
        0: "example_resource_bucket_"
        1: "random_pet.name.id"
      ]
      uniform_bucket_level_access: false
    }
    start: terraform.fileposition id = file.position//Users/scottford/go/src/github.com/scottford-io/cnspec-platform-engineering-demo-gcp/terraform/main.tf/12/1
    attributes: {
      force_destroy: {
        type: "bool"
        value: true
      }
      location: {
        type: "any"
        value: "var.location"
      }
      name: {
        type: "string"
        value: [
          0: "example_resource_bucket_"
          1: "random_pet.name.id"
        ]
      }
      uniform_bucket_level_access: {
        type: "bool"
        value: false
      }
    }
  }
]

Signed-off-by: Scott Ford [email protected]

@scottford-io scottford-io requested a review from a team as a code owner January 31, 2023 17:42
@scottford-io scottford-io mentioned this pull request Jan 31, 2023
Merged
@scottford-io
Renames terraform-configuration to terraform-hcl
ee32f21 
Updates provider.RUNTIME_TERRAFORM

Signed-off-by: Scott Ford <[email protected]>
scottford-io added a commit to mondoohq/cnspec-policies that referenced this pull request Jan 31, 2023
@scottford-io
Updates asset_filter for terraform policies to include terraform-hcl (#…
22942d9 
…113)

This PR updates Terraform policies to include `terraform-hcl` to prepare
for mondoohq/cnquery#861. This change is
backwards compatible for older clients

Signed-off-by: Scott Ford <[email protected]>
vjeffrey
vjeffrey approved these changes Feb 1, 2023
View reviewed changes
Copy link
Contributor

@vjeffrey vjeffrey left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the policy is updated, so this should be good to merge. if anyone has a custom terraform policy laying around, they'll need to update their asset filters when they upgrade to the cnquery/cnspec version this change ends up in. (so if someone goes, "oh no, my terraform asset is suddenly unscored", that's the first thing we should check

i'm gonna go ahead and merge this in, just wanted to make that super clear

@vjeffrey vjeffrey merged commit ca8ceef into main Feb 1, 2023
@vjeffrey vjeffrey deleted the scottford/terraform-hcl-rename branch February 1, 2023 04:33
@github-actions github-actions bot locked and limited conversation to collaborators Feb 1, 2023
chris-rock
chris-rock reviewed Feb 1, 2023
View reviewed changes
motor/providers/terraform/platform.go
@@ -12,21 +12,21 @@ func (p *Provider) PlatformInfo() *platform.Platform {
Name: "terraform-state",
Title: "Terraform State",
Kind: providers.Kind_KIND_CODE,
Runtime: "terraform-state",
Runtime: providers.RUNTIME_TERRAFORM,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In follow ups we should also add terraform as family

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@chris-rock chris-rock chris-rock left review comments

@vjeffrey vjeffrey vjeffrey approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@scottford-io @chris-rock @vjeffrey