Skip to content

Commit

Permalink
Merge branch 'master' into update/cft-map
Browse files Browse the repository at this point in the history
  • Loading branch information
gaurav-gogia authored Nov 1, 2022
2 parents 2895b1f + d2f8770 commit e8c045b
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 13 deletions.
1 change: 1 addition & 0 deletions pkg/iac-providers/output/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ type ResourceConfig struct {
MinSeverity string `json:"min_severity"`
ContainerImages []ContainerDetails `json:"container_images,omitempty"`
InitContainerImages []ContainerDetails `json:"init_container_images,omitempty"`
IsRemoteModule *bool `json:"is_remote_module,omitempty"`
}

// ContainerDetails holds information about container name, image and vulberabilities
Expand Down
40 changes: 29 additions & 11 deletions pkg/iac-providers/terraform/commons/load-dir.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"encoding/json"
"errors"
"fmt"
"net/url"
"os"
"path/filepath"
"strings"
Expand Down Expand Up @@ -209,12 +210,16 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
// resolve references
resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))

var isRemoteModule bool
// source file path
resourceConfig.Source, err = GetConfigSource(remoteURLMapping, resourceConfig, t.absRootDir)
resourceConfig.Source, isRemoteModule, err = GetConfigSource(remoteURLMapping, resourceConfig, t.absRootDir)
if err != nil {
t.addError(err.Error(), dir)
continue
}
if isRemoteModule {
resourceConfig.IsRemoteModule = &isRemoteModule
}

// tf plan directory relative path
planRoot, err := filepath.Rel(t.absRootDir, dir)
Expand Down Expand Up @@ -332,14 +337,18 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi

// resolve references
resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))

var isRemoteModule bool
// source file path
resourceConfig.Source, err = GetConfigSource(remoteURLMapping, resourceConfig, t.absRootDir)
resourceConfig.Source, isRemoteModule, err = GetConfigSource(remoteURLMapping, resourceConfig, t.absRootDir)
if err != nil {
errMessage := fmt.Sprintf("failed to get resource's filepath: %v", err)
return allResourcesConfig, multierror.Append(t.errIacLoadDirs, results.DirScanErr{IacType: "terraform", Directory: t.absRootDir, ErrMessage: errMessage})
}

if isRemoteModule {
resourceConfig.IsRemoteModule = &isRemoteModule
}

// add tf plan directory relative path
resourceConfig.PlanRoot = fmt.Sprintf(".%s", string(os.PathSeparator))

Expand Down Expand Up @@ -489,29 +498,38 @@ func GetRemoteLocation(cache map[string]string, resourcePath string) (remoteURL,
}

// GetConfigSource - get the source path for the resource
func GetConfigSource(remoteURLMapping map[string]string, resourceConfig output.ResourceConfig, absRootDir string) (string, error) {
func GetConfigSource(remoteURLMapping map[string]string, resourceConfig output.ResourceConfig, absRootDir string) (string, bool, error) {
var (
source string
err error
rel string
source string
err error
rel string
isRemote bool
)

// Get source path if remote module used
remoteURL, tempDir := GetRemoteLocation(remoteURLMapping, resourceConfig.Source)
if remoteURL != "" {
rel, err = filepath.Rel(tempDir, resourceConfig.Source)
if err != nil {
errMessage := fmt.Sprintf("failed to get remote resource's %s filepath: %v", resourceConfig.Name, err)
return source, errors.New(errMessage)
return source, false, errors.New(errMessage)
}
isRemote = true

source = filepath.Join(url.PathEscape(remoteURL), rel)
source, err = url.PathUnescape(source)
if err != nil {
errMessage := fmt.Sprintf("failed to get remote resource's %s filepath: %v", resourceConfig.Name, err)
return source, false, errors.New(errMessage)
}
source = filepath.Join(filepath.Clean(remoteURL), rel)
} else {
// source file path
source, err = filepath.Rel(absRootDir, resourceConfig.Source)
if err != nil {
return source, err
return source, false, err
}
}
return source, nil
return source, isRemote, nil
}

// GetRemoteModuleIfPresentInTerraformSrc - Gets the remote module if present in terraform init cache
Expand Down
2 changes: 1 addition & 1 deletion pkg/iac-providers/terraform/commons/load-dir_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -257,7 +257,7 @@ func TestGetConfigSource(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := GetConfigSource(tt.args.remoteURLMapping, tt.args.resourceConfig, tt.args.absRootDir)
got, _, err := GetConfigSource(tt.args.remoteURLMapping, tt.args.resourceConfig, tt.args.absRootDir)
if (err != nil) != tt.wantErr {
t.Errorf("GetConfigSource() error = %v, wantErr %v", err, tt.wantErr)
return
Expand Down
3 changes: 2 additions & 1 deletion pkg/writer/yaml_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,8 @@ const (
maxseverity: ""
minseverity: ""
containerimages: []
initcontainerimages: []`
initcontainerimages: []
isremotemodule: null`

scanTestOutputYAML = `results:
violations:
Expand Down

0 comments on commit e8c045b

Please sign in to comment.