-
Notifications
You must be signed in to change notification settings - Fork 2.2k
/
adapt.go
58 lines (49 loc) · 1.43 KB
/
adapt.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
package kms
import (
"strconv"
"github.com/aquasecurity/trivy/pkg/iac/providers/google/kms"
"github.com/aquasecurity/trivy/pkg/iac/terraform"
"github.com/aquasecurity/trivy/pkg/iac/types"
)
func Adapt(modules terraform.Modules) kms.KMS {
return kms.KMS{
KeyRings: adaptKeyRings(modules),
}
}
func adaptKeyRings(modules terraform.Modules) []kms.KeyRing {
var keyRings []kms.KeyRing
for _, module := range modules {
for _, resource := range module.GetResourcesByType("google_kms_key_ring") {
var keys []kms.Key
keyBlocks := module.GetReferencingResources(resource, "google_kms_crypto_key", "key_ring")
for _, keyBlock := range keyBlocks {
keys = append(keys, adaptKey(keyBlock))
}
keyRings = append(keyRings, kms.KeyRing{
Metadata: resource.GetMetadata(),
Keys: keys,
})
}
}
return keyRings
}
func adaptKey(resource *terraform.Block) kms.Key {
key := kms.Key{
Metadata: resource.GetMetadata(),
RotationPeriodSeconds: types.IntDefault(-1, resource.GetMetadata()),
}
rotationPeriodAttr := resource.GetAttribute("rotation_period")
if !rotationPeriodAttr.IsString() {
return key
}
rotationStr := rotationPeriodAttr.Value().AsString()
if rotationStr[len(rotationStr)-1:] != "s" {
return key
}
seconds, err := strconv.Atoi(rotationStr[:len(rotationStr)-1])
if err != nil {
return key
}
key.RotationPeriodSeconds = types.Int(seconds, rotationPeriodAttr.GetMetadata())
return key
}