From 056c30cc39ea054b14dd9cf50d08a50b0ace5705 Mon Sep 17 00:00:00 2001 From: Yusuf Kanchwala <30405568+kanchwala-yusuf@users.noreply.github.com> Date: Wed, 13 Oct 2021 20:46:18 +0530 Subject: [PATCH] Add support for getting line numbers for all attributes (#1055) * add support for getting line numbers for all attributes * adding checks for safe conversions * add omitempty flag for line config in output * fix unit tests for terraform common * fix unit tests for terraform v12 * fix terraform v14 uni tests * fix terraform v15 unit tests * add omitempty flag for yaml output * fix logic for nested loops * fix terraform commons unit tests * fix terraform v12 unit tests * fix terraform 14 unit tests * fix terraform 15 unit tests --- pkg/iac-providers/output/types.go | 1 + .../terraform/commons/convert.go | 123 ++-- .../terraform/commons/local-references.go | 2 +- .../terraform/commons/resource.go | 3 +- .../tfjson/output-with-containers.json | 589 +++++++++++++++++- .../terraform/commons/variable-references.go | 2 +- .../v12/testdata/tfjson/config1.json | 98 ++- .../tfjson/deep-modules-recursive.json | 34 +- .../v12/testdata/tfjson/deep-modules.json | 24 +- .../v12/testdata/tfjson/dummyconfig.json | 40 +- .../v12/testdata/tfjson/fullconfig.json | 128 +++- .../v12/testdata/tfjson/list-vars-test.json | 12 +- .../v12/testdata/tfjson/moduleconfigs.json | 187 ++++++ .../testdata/tfjson/complex-variables.json | 20 +- .../v14/testdata/tfjson/config1.json | 98 ++- .../tfjson/deep-modules-recursive.json | 52 +- .../v14/testdata/tfjson/deep-modules.json | 24 +- .../v14/testdata/tfjson/dummyconfig.json | 40 +- .../v14/testdata/tfjson/fullconfig.json | 128 +++- .../v14/testdata/tfjson/moduleconfigs.json | 189 +++++- .../recursive-loop-duplicate-locals.json | 42 +- .../tfjson/recursive-loop-locals.json | 7 +- .../tfjson/recursive-loop-variables.json | 7 +- .../testdata/tfjson/complex-variables.json | 20 +- .../v15/testdata/tfjson/config1.json | 96 +++ .../tfjson/deep-modules-recursive.json | 32 +- .../v15/testdata/tfjson/deep-modules.json | 24 +- .../v15/testdata/tfjson/dummyconfig.json | 38 ++ .../v15/testdata/tfjson/fullconfig.json | 128 +++- .../v15/testdata/tfjson/moduleconfigs.json | 208 ++++++- .../tfjson/recursive-loop-locals.json | 9 +- .../tfjson/recursive-loop-variables.json | 7 +- 32 files changed, 2253 insertions(+), 159 deletions(-) diff --git a/pkg/iac-providers/output/types.go b/pkg/iac-providers/output/types.go index f4af90ea9..6101da24e 100644 --- a/pkg/iac-providers/output/types.go +++ b/pkg/iac-providers/output/types.go @@ -32,6 +32,7 @@ type ResourceConfig struct { Line int `json:"line"` Type string `json:"type"` Config interface{} `json:"config"` + LineConfig interface{} `json:"line_config,omitempty" yaml:"line_config,omitempty"` // SkipRules will hold the rules to be skipped for the resource. // Each iac provider should append the rules to be skipped for a resource, // while extracting resource from the iac files diff --git a/pkg/iac-providers/terraform/commons/convert.go b/pkg/iac-providers/terraform/commons/convert.go index 5d3c42482..667e53548 100644 --- a/pkg/iac-providers/terraform/commons/convert.go +++ b/pkg/iac-providers/terraform/commons/convert.go @@ -33,6 +33,7 @@ import ( ) type jsonObj map[string]interface{} +type lineObj map[string]interface{} type converter struct { bytes []byte @@ -42,106 +43,156 @@ func (c *converter) rangeSource(r hcl.Range) string { return string(c.bytes[r.Start.Byte:r.End.Byte]) } -func (c *converter) convertBody(body *hclsyntax.Body) (jsonObj, error) { - var err error - out := make(jsonObj) +func (c *converter) convertBody(body *hclsyntax.Body) (jsonObj, lineObj, error) { + + var ( + err error + cfg = make(jsonObj) // resource config + lcfg = make(lineObj) // resource line config + ) + + // convert attributes for key, value := range body.Attributes { - out[key], err = c.convertExpression(value.Expr) + cfg[key], lcfg[key], err = c.convertExpression(value.Expr) if err != nil { - return nil, err + return nil, nil, err } } + // convert blocks (nested objects, lists) for _, block := range body.Blocks { - blockOut := make(jsonObj) - err = c.convertBlock(block, blockOut) + + var ( + bcfg = make(jsonObj) // block resource config + blcfg = make(lineObj) // block resource line config + ) + + err = c.convertBlock(block, bcfg, blcfg) if err != nil { - return nil, err + return nil, nil, err } - blockConfig := blockOut[block.Type].(jsonObj) - if _, present := out[block.Type]; !present { - out[block.Type] = []jsonObj{blockConfig} + + blockConfig := bcfg[block.Type].(jsonObj) + lineCfg := blcfg[block.Type].(lineObj) + if _, present := cfg[block.Type]; !present { + cfg[block.Type] = []jsonObj{blockConfig} + lcfg[block.Type] = []lineObj{lineCfg} } else { - list := out[block.Type].([]jsonObj) + list := cfg[block.Type].([]jsonObj) list = append(list, blockConfig) - out[block.Type] = list + cfg[block.Type] = list + + lineList := lcfg[block.Type].([]lineObj) + lineList = append(lineList, lineCfg) + lcfg[block.Type] = lineList } } - return out, nil + return cfg, lcfg, nil } -func (c *converter) convertBlock(block *hclsyntax.Block, out jsonObj) error { +func (c *converter) convertBlock(block *hclsyntax.Block, cfg jsonObj, lcfg lineObj) error { var key string = block.Type - value, err := c.convertBody(block.Body) + value, blcfg, err := c.convertBody(block.Body) if err != nil { return err } for _, label := range block.Labels { - if inner, exists := out[key]; exists { + if inner, exists := cfg[key]; exists { var ok bool - out, ok = inner.(jsonObj) + cfg, ok = inner.(jsonObj) if !ok { // TODO: better diagnostics return fmt.Errorf("unable to convert Block to JSON: %v.%v", block.Type, strings.Join(block.Labels, ".")) } + + if innerLineObj := lcfg[key]; exists { + lcfg, ok = innerLineObj.(lineObj) + if !ok { + return fmt.Errorf("unable to convert Block to JSON: %v.%v", block.Type, strings.Join(block.Labels, ".")) + } + } + } else { - obj := make(jsonObj) - out[key] = obj - out = obj + var ( + obj = make(jsonObj) + lobj = make(lineObj) + ) + + cfg[key] = obj + cfg = obj + + lcfg[key] = lobj + lcfg = lobj + } key = label } - if current, exists := out[key]; exists { + // resource config for blocks + if current, exists := cfg[key]; exists { if list, ok := current.([]interface{}); ok { - out[key] = append(list, value) + cfg[key] = append(list, value) } else { - out[key] = []interface{}{current, value} + cfg[key] = []interface{}{current, value} } } else { - out[key] = value + cfg[key] = value + } + + // resource line config for blocks + if current, exists := lcfg[key]; exists { + if list, ok := current.([]interface{}); ok { + lcfg[key] = append(list, blcfg) + } else { + lcfg[key] = []interface{}{current, blcfg} + } + } else { + lcfg[key] = blcfg } return nil } -func (c *converter) convertExpression(expr hclsyntax.Expression) (interface{}, error) { +func (c *converter) convertExpression(expr hclsyntax.Expression) (ret interface{}, line interface{}, err error) { // assume it is hcl syntax (because, um, it is) + line = expr.StartRange().Start.Line switch value := expr.(type) { case *hclsyntax.LiteralValueExpr: - return ctyjson.SimpleJSONValue{Value: value.Val}, nil + return ctyjson.SimpleJSONValue{Value: value.Val}, line, nil case *hclsyntax.TemplateExpr: - return c.convertTemplate(value) + ret, err = c.convertTemplate(value) + return case *hclsyntax.TemplateWrapExpr: return c.convertExpression(value.Wrapped) case *hclsyntax.TupleConsExpr: var list []interface{} for _, ex := range value.Exprs { - elem, err := c.convertExpression(ex) + elem, line, err := c.convertExpression(ex) if err != nil { - return nil, err + return nil, line, err } list = append(list, elem) } - return list, nil + return list, line, nil case *hclsyntax.ObjectConsExpr: m := make(jsonObj) + l := make(lineObj) for _, item := range value.Items { key, err := c.convertKey(item.KeyExpr) if err != nil { - return nil, err + return nil, line, err } - m[key], err = c.convertExpression(item.ValueExpr) + m[key], l[key], err = c.convertExpression(item.ValueExpr) if err != nil { - return nil, err + return nil, line, err } } - return m, nil + return m, l, nil default: - return c.wrapExpr(expr), nil + return c.wrapExpr(expr), line, nil } } diff --git a/pkg/iac-providers/terraform/commons/local-references.go b/pkg/iac-providers/terraform/commons/local-references.go index 661099efa..b64ed4633 100644 --- a/pkg/iac-providers/terraform/commons/local-references.go +++ b/pkg/iac-providers/terraform/commons/local-references.go @@ -80,7 +80,7 @@ func (r *RefResolver) ResolveLocalRef(localRef, callerRef string) interface{} { // extract values from attribute expressions as golang interface{} c := converter{bytes: fileBytes} - val, err := c.convertExpression(localAttr.Expr.(hclsyntax.Expression)) + val, _, err := c.convertExpression(localAttr.Expr.(hclsyntax.Expression)) if err != nil { zap.S().Errorf("failed to convert expression '%v', ref: '%v'", localAttr.Expr, localRef) return localRef diff --git a/pkg/iac-providers/terraform/commons/resource.go b/pkg/iac-providers/terraform/commons/resource.go index b691db38b..497010584 100644 --- a/pkg/iac-providers/terraform/commons/resource.go +++ b/pkg/iac-providers/terraform/commons/resource.go @@ -45,7 +45,7 @@ func CreateResourceConfig(managedResource *hclConfigs.Resource) (resourceConfig return resourceConfig, fmt.Errorf("failed type assertion for hcl.Body in *hclConfigs.Resource. error: expected hcl.Body type is *hclsyntax.Body, but got %T", managedResource.Config) } - goOut, err := c.convertBody(hclBody) + goOut, lineOut, err := c.convertBody(hclBody) if err != nil { zap.S().Errorf("failed to convert hcl.Body to go struct; resource '%s', file: '%s'. error: '%v'", managedResource.Name, managedResource.DeclRange.Filename, err) @@ -63,6 +63,7 @@ func CreateResourceConfig(managedResource *hclConfigs.Resource) (resourceConfig Source: managedResource.DeclRange.Filename, Line: managedResource.DeclRange.Start.Line, Config: goOut, + LineConfig: lineOut, SkipRules: utils.GetSkipRules(c.rangeSource(hclBody.Range())), MaxSeverity: maxSeverity, MinSeverity: minSeverity, diff --git a/pkg/iac-providers/terraform/commons/testdata/tfjson/output-with-containers.json b/pkg/iac-providers/terraform/commons/testdata/tfjson/output-with-containers.json index 7a01e88ea..7a5a1c9b7 100644 --- a/pkg/iac-providers/terraform/commons/testdata/tfjson/output-with-containers.json +++ b/pkg/iac-providers/terraform/commons/testdata/tfjson/output-with-containers.json @@ -25,13 +25,31 @@ } ] }, + "line_config": { + "container_definitions": 3, + "family": 2, + "proxy_configuration": [ + { + "container_name": 7, + "properties": { + "AppPorts": 9, + "EgressIgnoredIPs": 10, + "IgnoredUID": 11, + "ProxyEgressPort": 12, + "ProxyIngressPort": 13 + }, + "type": 6 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "jenkins", - "image": "jenkins" + "image": "jenkins", + "vulnerabilities": null } ] }, @@ -54,17 +72,28 @@ "FARGATE" ] }, + "line_config": { + "container_definitions": 8, + "cpu": 6, + "execution_role_arn": 7, + "family": 2, + "memory": 5, + "network_mode": 3, + "requires_compatibilities": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "first", - "image": "service-first" + "image": "service-first", + "vulnerabilities": null }, { "name": "second", - "image": "service-second" + "image": "service-second", + "vulnerabilities": null } ] }, @@ -87,13 +116,23 @@ "FARGATE" ] }, + "line_config": { + "container_definitions": 9, + "cpu": 6, + "execution_role_arn": 7, + "family": 2, + "memory": 5, + "network_mode": 3, + "requires_compatibilities": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "jenkins", - "image": "jenkins" + "image": "jenkins", + "vulnerabilities": null } ] } @@ -138,17 +177,50 @@ "environment": "testing" } }, + "line_config": { + "container": [ + { + "cpu": 12, + "image": 11, + "memory": 13, + "name": 10, + "ports": [ + { + "port": 16, + "protocol": 17 + } + ] + }, + { + "cpu": 24, + "image": 23, + "memory": 25, + "name": 22 + } + ], + "dns_name_label": 6, + "ip_address_type": 5, + "location": 3, + "name": 2, + "os_type": 7, + "resource_group_name": 4, + "tags": { + "environment": 29 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "hello-world", - "image": "microsoft/aci-helloworld:latest" + "image": "microsoft/aci-helloworld:latest", + "vulnerabilities": null }, { "name": "sidecar", - "image": "microsoft/aci-tutorial-sidecar" + "image": "microsoft/aci-tutorial-sidecar", + "vulnerabilities": null } ] } @@ -175,7 +247,8 @@ "job_template": [ { "metadata": [ - {} + { + } ], "spec": [ { @@ -183,7 +256,8 @@ "template": [ { "metadata": [ - {} + { + } ], "spec": [ { @@ -213,13 +287,63 @@ } ] }, + "line_config": { + "metadata": [ + { + "name": 3 + } + ], + "spec": [ + { + "concurrency_policy": 6, + "failed_jobs_history_limit": 7, + "job_template": [ + { + "metadata": [ + { + } + ], + "spec": [ + { + "backoff_limit": 14, + "template": [ + { + "metadata": [ + { + } + ], + "spec": [ + { + "container": [ + { + "command": 22, + "image": 21, + "name": 20 + } + ] + } + ] + } + ], + "ttl_seconds_after_finished": 15 + } + ] + } + ], + "schedule": 8, + "starting_deadline_seconds": 9, + "successful_jobs_history_limit": 10 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "hello", - "image": "busybox" + "image": "busybox", + "vulnerabilities": null } ] } @@ -287,21 +411,78 @@ } ] }, + "line_config": { + "metadata": [ + { + "labels": { + "test": 42 + }, + "name": 39, + "namespace": 40 + } + ], + "spec": [ + { + "replicas": 47, + "selector": [ + { + "match_labels": { + "test": 51 + } + } + ], + "template": [ + { + "metadata": [ + { + "labels": { + "test": 58 + } + } + ], + "spec": [ + { + "automount_service_account_token": 79, + "container": [ + { + "image": 64, + "name": 65 + }, + { + "image": 69, + "name": 70 + }, + { + "image": 74, + "name": 75 + } + ], + "service_account_name": 78 + } + ] + } + ] + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "example1", - "image": "nginx:1.7.8" + "image": "nginx:1.7.8", + "vulnerabilities": null }, { "name": "example2", - "image": "nginx:1.7.8" + "image": "nginx:1.7.8", + "vulnerabilities": null }, { "name": "example3", - "image": "nginx:1.7.8" + "image": "nginx:1.7.8", + "vulnerabilities": null } ] } @@ -327,7 +508,8 @@ "template": [ { "metadata": [ - {} + { + } ], "spec": [ { @@ -352,13 +534,47 @@ ], "wait_for_completion": true }, + "line_config": { + "metadata": [ + { + "name": 3 + } + ], + "spec": [ + { + "backoff_limit": 17, + "template": [ + { + "metadata": [ + { + } + ], + "spec": [ + { + "container": [ + { + "command": 12, + "image": 11, + "name": 10 + } + ], + "restart_policy": 14 + } + ] + } + ] + } + ], + "wait_for_completion": 19 + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "pi", - "image": "perl" + "image": "perl", + "vulnerabilities": null } ] } @@ -379,6 +595,13 @@ } ] }, + "line_config": { + "metadata": [ + { + "name": 15 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -424,13 +647,45 @@ } ] }, + "line_config": { + "metadata": [ + { + "name": 3 + } + ], + "spec": [ + { + "container": [ + { + "image": 8, + "name": 9, + "resources": [ + { + "limits": { + "cpu": 13, + "memory": 14, + "nvidia/gpu": 15 + }, + "requests": { + "cpu": 19, + "memory": 20, + "nvidia/gpu": 21 + } + } + ] + } + ] + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "example", - "image": "nginx:1.7.9" + "image": "nginx:1.7.9", + "vulnerabilities": null } ] } @@ -515,13 +770,85 @@ } ] }, + "line_config": { + "metadata": [ + { + "labels": { + "test": 5 + }, + "name": 3 + } + ], + "spec": [ + { + "selector": { + "test": 11 + }, + "template": [ + { + "metadata": [ + { + "annotations": { + "key1": 19 + }, + "labels": { + "test": 16 + } + } + ], + "spec": [ + { + "container": [ + { + "image": 25, + "liveness_probe": [ + { + "http_get": [ + { + "http_header": [ + { + "name": 34, + "value": 35 + } + ], + "path": 30, + "port": 31 + } + ], + "initial_delay_seconds": 39, + "period_seconds": 40 + } + ], + "name": 26, + "resources": [ + { + "limits": { + "cpu": 45, + "memory": 46 + }, + "requests": { + "cpu": 49, + "memory": 50 + } + } + ] + } + ] + } + ] + } + ] + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "example", - "image": "nginx:1.7.8" + "image": "nginx:1.7.8", + "vulnerabilities": null } ] } @@ -558,6 +885,29 @@ } ] }, + "line_config": { + "metadata": [ + { + "name": 21, + "namespace": 22 + } + ], + "spec": [ + { + "port": [ + { + "node_port": 30, + "port": 31, + "target_port": 32 + } + ], + "selector": { + "app": 26 + }, + "type": 28 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -604,7 +954,8 @@ { "metadata": [ { - "annotations": {}, + "annotations": { + }, "labels": { "k8s-app": "prometheus" } @@ -780,25 +1131,221 @@ } ] }, + "line_config": { + "metadata": [ + { + "annotations": { + "SomeAnnotation": 4 + }, + "labels": { + "addonmanager.kubernetes.io/mode": 10, + "k8s-app": 8, + "kubernetes.io/cluster-service": 9, + "version": 11 + }, + "name": 14 + } + ], + "spec": [ + { + "pod_management_policy": 18, + "replicas": 19, + "revision_history_limit": 20, + "selector": [ + { + "match_labels": { + "k8s-app": 24 + } + } + ], + "service_name": 28, + "template": [ + { + "metadata": [ + { + "annotations": { + }, + "labels": { + "k8s-app": 33 + } + } + ], + "spec": [ + { + "container": [ + { + "args": 60, + "image": 57, + "image_pull_policy": 58, + "name": 56, + "resources": [ + { + "limits": { + "cpu": 73, + "memory": 74 + }, + "requests": { + "cpu": 78, + "memory": 79 + } + } + ], + "volume_mount": [ + { + "mount_path": 67, + "name": 66, + "read_only": 68 + } + ] + }, + { + "args": 89, + "image": 86, + "image_pull_policy": 87, + "liveness_probe": [ + { + "http_get": [ + { + "path": 136, + "port": 137, + "scheme": 138 + } + ], + "initial_delay_seconds": 141, + "timeout_seconds": 142 + } + ], + "name": 85, + "port": [ + { + "container_port": 98 + } + ], + "readiness_probe": [ + { + "http_get": [ + { + "path": 126, + "port": 127 + } + ], + "initial_delay_seconds": 130, + "timeout_seconds": 131 + } + ], + "resources": [ + { + "limits": { + "cpu": 103, + "memory": 104 + }, + "requests": { + "cpu": 108, + "memory": 109 + } + } + ], + "volume_mount": [ + { + "mount_path": 115, + "name": 114 + }, + { + "mount_path": 120, + "name": 119, + "sub_path": 121 + } + ] + } + ], + "init_container": [ + { + "command": 46, + "image": 44, + "image_pull_policy": 45, + "name": 43, + "volume_mount": [ + { + "mount_path": 50, + "name": 49, + "sub_path": 51 + } + ] + } + ], + "service_account_name": 40, + "termination_grace_period_seconds": 146, + "volume": [ + { + "config_map": [ + { + "name": 152 + } + ], + "name": 149 + } + ] + } + ] + } + ], + "update_strategy": [ + { + "rolling_update": [ + { + "partition": 162 + } + ], + "type": 159 + } + ], + "volume_claim_template": [ + { + "metadata": [ + { + "name": 168 + } + ], + "spec": [ + { + "access_modes": 172, + "resources": [ + { + "requests": { + "storage": 177 + } + } + ], + "storage_class_name": 173 + } + ] + } + ] + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "", "container_images": [ { "name": "prometheus-server-configmap-reload", - "image": "jimmidyson/configmap-reload:v0.1" + "image": "jimmidyson/configmap-reload:v0.1", + "vulnerabilities": null }, { "name": "prometheus-server", - "image": "prom/prometheus:v2.2.1" + "image": "prom/prometheus:v2.2.1", + "vulnerabilities": null } ], "init_container_images": [ { "name": "init-chown-data", - "image": "busybox:latest" + "image": "busybox:latest", + "vulnerabilities": null } ] } ] -} \ No newline at end of file +} diff --git a/pkg/iac-providers/terraform/commons/variable-references.go b/pkg/iac-providers/terraform/commons/variable-references.go index 43cb9f6ea..06fae597e 100644 --- a/pkg/iac-providers/terraform/commons/variable-references.go +++ b/pkg/iac-providers/terraform/commons/variable-references.go @@ -156,7 +156,7 @@ func (r *RefResolver) ResolveVarRefFromParentModuleCall(varRef, callerRef string // extract values from attribute expressions as golang interface{} c := converter{bytes: fileBytes} - val, err := c.convertExpression(varAttr.Expr) + val, _, err := c.convertExpression(varAttr.Expr) if err != nil { zap.S().Errorf("failed to convert expression '%v', ref: '%v'", varAttr.Expr, varRef) return varRef diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json index 038b28c0c..c6797ea1f 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json @@ -40,6 +40,31 @@ "${aws_security_group.sg_playground.id}" ] }, + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -59,6 +84,12 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -76,6 +107,10 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, + "line_config": { + "key_name": 73, + "public_key": 74 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -101,6 +136,18 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -118,6 +165,10 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +217,35 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -187,6 +267,14 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,9 +296,17 @@ "Environment": "${var.environment_tag}" } }, + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json index c92eb531c..977b59f68 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules-recursive.json @@ -12,7 +12,13 @@ "bucket": "${module.m3.fullbucketname}", "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -26,7 +32,13 @@ "bucket": "tf-test-project-2", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -54,7 +72,13 @@ "bucket": "asdfasdf", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] -} \ No newline at end of file +} diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json index 1094371ab..6bd101cff 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json @@ -12,7 +12,13 @@ "bucket": "${module.m3.fullbucketname}", "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -26,7 +32,13 @@ "bucket": "tf-test-project-2", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json index a7fb59c70..4aa1e9e87 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/dummyconfig.json @@ -16,6 +16,15 @@ "region": "${var.region}" } }, + "line_config": { + "backend": 42, + "config": { + "bucket": 46, + "key": 47, + "profile": 44, + "region": 45 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -45,6 +54,17 @@ "test2": 5, "test3": "${1 + 2}" }, + "line_config": { + "arr": 5, + "hyphen-test": 6, + "quoted": 9, + "squoted": 10, + "temp": 7, + "temp2": 8, + "test1": 3, + "test2": 4, + "test3": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -70,6 +90,18 @@ "thing": "${[for x in local.arr: x * 2]}" } }, + "line_config": { + "other": { + "3": 18, + "a.b.c": 22, + "a.b.c[\"hi\"][3].*": 20, + "local.test1": 19, + "local.test3": 17, + "loop": 21, + "num": 15, + "thing": 16 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -89,9 +121,15 @@ "heredoc2": "\t\tAnother heredoc, that\n\t\tdoesn't remove indentation\n\t\tlocal.other.3\n\t\t%{if true ? false : true}\"gotcha\"\\n%{else}4%{endif}\n", "simple": "${4 - 2}" }, + "line_config": { + "cond": 32, + "heredoc": 28, + "heredoc2": 34, + "simple": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json index 9c14c2197..b3e95fd4c 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/fullconfig.json @@ -41,7 +41,34 @@ "${aws_security_group.sg_playground.id}" ] }, - "skip_rules": null + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_internet_gateway": [ @@ -59,7 +86,15 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_key_pair": [ @@ -75,7 +110,13 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, - "skip_rules": null + "line_config": { + "key_name": 73, + "public_key": 74 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table": [ @@ -99,7 +140,21 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table_association": [ @@ -115,7 +170,13 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, - "skip_rules": null + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_security_group": [ @@ -162,7 +223,38 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_subnet": [ @@ -182,7 +274,17 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_vpc": [ @@ -202,7 +304,17 @@ "Environment": "${var.environment_tag}" } }, - "skip_rules": null + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json index eaeb3867e..8f8d83294 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/list-vars-test.json @@ -24,7 +24,17 @@ }, "vpc_security_group_ids": "${var.security_group_ids}" }, - "skip_rules": null + "line_config": { + "ami": 8, + "count": 6, + "instance_type": 9, + "subnet_id": 11, + "tags": 14, + "vpc_security_group_ids": 12 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json b/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json index ef2b4d73f..ea2195c7a 100644 --- a/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json +++ b/pkg/iac-providers/terraform/v12/testdata/tfjson/moduleconfigs.json @@ -127,6 +127,92 @@ } ] }, + "line_config": { + "default_cache_behavior": [ + { + "allowed_methods": 19, + "cached_methods": 20, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 27 + } + ], + "query_string": 24 + } + ], + "target_origin_id": 21, + "viewer_protocol_policy": 30 + } + ], + "enabled": 16, + "ordered_cache_behavior": [ + { + "allowed_methods": 35, + "cached_methods": 36, + "compress": 48, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 44 + } + ], + "headers": 41, + "query_string": 40 + } + ], + "path_pattern": 34, + "target_origin_id": 37, + "viewer_protocol_policy": 49 + }, + { + "allowed_methods": 54, + "cached_methods": 55, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 62 + } + ], + "query_string": 59 + } + ], + "path_pattern": 53, + "target_origin_id": 56, + "viewer_protocol_policy": 66 + } + ], + "origin": [ + { + "domain_name": 8, + "origin_id": 9, + "s3_origin_config": [ + { + "origin_access_identity": 12 + } + ] + } + ], + "restrictions": [ + { + "geo_restriction": [ + { + "locations": 72, + "restriction_type": 71 + } + ] + } + ], + "viewer_certificate": [ + { + "cloudfront_default_certificate": 77, + "minimum_protocol_version": 78 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -147,6 +233,12 @@ "s3_bucket_name": "some-s3-bucket", "s3_key_prefix": "prefix" }, + "line_config": { + "include_global_service_events": 5, + "name": 2, + "s3_bucket_name": 3, + "s3_key_prefix": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +258,11 @@ "family": "service", "network_mode": "bridge" }, + "line_config": { + "container_definitions": 4, + "family": 2, + "network_mode": 3 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -186,6 +283,12 @@ "Name": "not-encrypted" } }, + "line_config": { + "creation_token": 2, + "tags": { + "Name": 5 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,6 +311,14 @@ "parameter_group_name": "default.memcached1.4", "port": 11211 }, + "line_config": { + "cluster_id": 2, + "engine": 3, + "node_type": 4, + "num_cache_nodes": 5, + "parameter_group_name": 6, + "port": 7 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -225,6 +336,9 @@ "config": { "enable": false }, + "line_config": { + "enable": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -244,6 +358,11 @@ "status": "Inactive", "user": "root" }, + "line_config": { + "pgp_key": 3, + "status": 4, + "user": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -272,6 +391,17 @@ "Environment": "kinesisEncryptedWithKms" } }, + "line_config": { + "encryption_type": 11, + "kms_key_id": 12, + "name": 2, + "retention_period": 4, + "shard_count": 3, + "shard_level_metrics": 6, + "tags": { + "Environment": 15 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -294,6 +424,14 @@ "Setup": "self-healing" } }, + "line_config": { + "description": 2, + "is_enabled": 3, + "tags": { + "Name": 5, + "Setup": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -319,6 +457,17 @@ "policy_name": "wu-tang-ssl", "policy_type_name": "SSLNegotiationPolicyType" }, + "line_config": { + "load_balancer_name": 2, + "policy_attribute": [ + { + "name": 7, + "value": 8 + } + ], + "policy_name": 3, + "policy_type_name": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -341,6 +490,14 @@ "Name": "nos3BucketSseRules" } }, + "line_config": { + "acl": 3, + "bucket": 2, + "tags": { + "Environment": 7, + "Name": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -385,6 +542,30 @@ }, "vpc_id": "some_dummy_vpc" }, + "line_config": { + "description": 3, + "egress": [ + { + "cidr_blocks": 23, + "from_port": 20, + "protocol": 22, + "to_port": 21 + } + ], + "ingress": [ + { + "cidr_blocks": 15, + "from_port": 12, + "protocol": 14, + "to_port": 13 + } + ], + "name": 2, + "tags": { + "Name": 7 + }, + "vpc_id": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -416,6 +597,12 @@ "Version": "2012-10-17" } }, + "line_config": { + "kms_data_key_reuse_period_seconds": 4, + "kms_master_key_id": 3, + "name": 2, + "policy": 6 + }, "skip_rules": null, "max_severity": "", "min_severity": "" diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json index 51b1ad454..0963fe65b 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/complex-variables.json @@ -114,7 +114,25 @@ } ] }, - "skip_rules": null + "line_config": { + "boolList": 5, + "floatList": 4, + "intList": 3, + "listTuple": 9, + "list_no_type": 6, + "mapVar": 12, + "mapVarComplex": 13, + "objecVar": 11, + "objectList": 14, + "objectListComplex": 15, + "setVar": 7, + "stringList": 2, + "tupleVar": 8, + "tupleVarComplex": 10 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json index 038b28c0c..c6797ea1f 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/config1.json @@ -40,6 +40,31 @@ "${aws_security_group.sg_playground.id}" ] }, + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -59,6 +84,12 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -76,6 +107,10 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, + "line_config": { + "key_name": 73, + "public_key": 74 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -101,6 +136,18 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -118,6 +165,10 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +217,35 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -187,6 +267,14 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,9 +296,17 @@ "Environment": "${var.environment_tag}" } }, + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json index c92eb531c..9523ce9fe 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules-recursive.json @@ -3,30 +3,42 @@ { "id": "aws_s3_bucket.bucket", "name": "bucket", - "module_name": "m1", - "source": "modules/m1/main.tf", + "module_name": "m4", + "source": "modules/m4/main.tf", "plan_root": "./", - "line": 20, + "line": 11, "type": "aws_s3_bucket", "config": { - "bucket": "${module.m3.fullbucketname}", - "policy": "${module.m2.fullbucketpolicy}" + "bucket": "tf-test-project-2", + "policy": "${module.m4a.fullbucketpolicy}" + }, + "line_config": { + "bucket": 12, + "policy": 13 }, - "skip_rules": null + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", "name": "bucket", - "module_name": "m4", - "source": "modules/m4/main.tf", + "module_name": "m1", + "source": "modules/m1/main.tf", "plan_root": "./", - "line": 11, + "line": 20, "type": "aws_s3_bucket", "config": { - "bucket": "tf-test-project-2", - "policy": "${module.m4a.fullbucketpolicy}" + "bucket": "${module.m3.fullbucketname}", + "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -54,7 +72,13 @@ "bucket": "asdfasdf", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json index 1094371ab..6bd101cff 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/deep-modules.json @@ -12,7 +12,13 @@ "bucket": "${module.m3.fullbucketname}", "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -26,7 +32,13 @@ "bucket": "tf-test-project-2", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json index a7fb59c70..4aa1e9e87 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/dummyconfig.json @@ -16,6 +16,15 @@ "region": "${var.region}" } }, + "line_config": { + "backend": 42, + "config": { + "bucket": 46, + "key": 47, + "profile": 44, + "region": 45 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -45,6 +54,17 @@ "test2": 5, "test3": "${1 + 2}" }, + "line_config": { + "arr": 5, + "hyphen-test": 6, + "quoted": 9, + "squoted": 10, + "temp": 7, + "temp2": 8, + "test1": 3, + "test2": 4, + "test3": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -70,6 +90,18 @@ "thing": "${[for x in local.arr: x * 2]}" } }, + "line_config": { + "other": { + "3": 18, + "a.b.c": 22, + "a.b.c[\"hi\"][3].*": 20, + "local.test1": 19, + "local.test3": 17, + "loop": 21, + "num": 15, + "thing": 16 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -89,9 +121,15 @@ "heredoc2": "\t\tAnother heredoc, that\n\t\tdoesn't remove indentation\n\t\tlocal.other.3\n\t\t%{if true ? false : true}\"gotcha\"\\n%{else}4%{endif}\n", "simple": "${4 - 2}" }, + "line_config": { + "cond": 32, + "heredoc": 28, + "heredoc2": 34, + "simple": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json index 9c14c2197..b3e95fd4c 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/fullconfig.json @@ -41,7 +41,34 @@ "${aws_security_group.sg_playground.id}" ] }, - "skip_rules": null + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_internet_gateway": [ @@ -59,7 +86,15 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_key_pair": [ @@ -75,7 +110,13 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, - "skip_rules": null + "line_config": { + "key_name": 73, + "public_key": 74 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table": [ @@ -99,7 +140,21 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table_association": [ @@ -115,7 +170,13 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, - "skip_rules": null + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_security_group": [ @@ -162,7 +223,38 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_subnet": [ @@ -182,7 +274,17 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_vpc": [ @@ -202,7 +304,17 @@ "Environment": "${var.environment_tag}" } }, - "skip_rules": null + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json index 8f960b1c2..ea2195c7a 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/moduleconfigs.json @@ -127,6 +127,92 @@ } ] }, + "line_config": { + "default_cache_behavior": [ + { + "allowed_methods": 19, + "cached_methods": 20, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 27 + } + ], + "query_string": 24 + } + ], + "target_origin_id": 21, + "viewer_protocol_policy": 30 + } + ], + "enabled": 16, + "ordered_cache_behavior": [ + { + "allowed_methods": 35, + "cached_methods": 36, + "compress": 48, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 44 + } + ], + "headers": 41, + "query_string": 40 + } + ], + "path_pattern": 34, + "target_origin_id": 37, + "viewer_protocol_policy": 49 + }, + { + "allowed_methods": 54, + "cached_methods": 55, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 62 + } + ], + "query_string": 59 + } + ], + "path_pattern": 53, + "target_origin_id": 56, + "viewer_protocol_policy": 66 + } + ], + "origin": [ + { + "domain_name": 8, + "origin_id": 9, + "s3_origin_config": [ + { + "origin_access_identity": 12 + } + ] + } + ], + "restrictions": [ + { + "geo_restriction": [ + { + "locations": 72, + "restriction_type": 71 + } + ] + } + ], + "viewer_certificate": [ + { + "cloudfront_default_certificate": 77, + "minimum_protocol_version": 78 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -147,6 +233,12 @@ "s3_bucket_name": "some-s3-bucket", "s3_key_prefix": "prefix" }, + "line_config": { + "include_global_service_events": 5, + "name": 2, + "s3_bucket_name": 3, + "s3_key_prefix": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +258,11 @@ "family": "service", "network_mode": "bridge" }, + "line_config": { + "container_definitions": 4, + "family": 2, + "network_mode": 3 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -186,6 +283,12 @@ "Name": "not-encrypted" } }, + "line_config": { + "creation_token": 2, + "tags": { + "Name": 5 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,6 +311,14 @@ "parameter_group_name": "default.memcached1.4", "port": 11211 }, + "line_config": { + "cluster_id": 2, + "engine": 3, + "node_type": 4, + "num_cache_nodes": 5, + "parameter_group_name": 6, + "port": 7 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -225,6 +336,9 @@ "config": { "enable": false }, + "line_config": { + "enable": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -244,6 +358,11 @@ "status": "Inactive", "user": "root" }, + "line_config": { + "pgp_key": 3, + "status": 4, + "user": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -272,6 +391,17 @@ "Environment": "kinesisEncryptedWithKms" } }, + "line_config": { + "encryption_type": 11, + "kms_key_id": 12, + "name": 2, + "retention_period": 4, + "shard_count": 3, + "shard_level_metrics": 6, + "tags": { + "Environment": 15 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -294,6 +424,14 @@ "Setup": "self-healing" } }, + "line_config": { + "description": 2, + "is_enabled": 3, + "tags": { + "Name": 5, + "Setup": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -319,6 +457,17 @@ "policy_name": "wu-tang-ssl", "policy_type_name": "SSLNegotiationPolicyType" }, + "line_config": { + "load_balancer_name": 2, + "policy_attribute": [ + { + "name": 7, + "value": 8 + } + ], + "policy_name": 3, + "policy_type_name": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -341,6 +490,14 @@ "Name": "nos3BucketSseRules" } }, + "line_config": { + "acl": 3, + "bucket": 2, + "tags": { + "Environment": 7, + "Name": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -385,6 +542,30 @@ }, "vpc_id": "some_dummy_vpc" }, + "line_config": { + "description": 3, + "egress": [ + { + "cidr_blocks": 23, + "from_port": 20, + "protocol": 22, + "to_port": 21 + } + ], + "ingress": [ + { + "cidr_blocks": 15, + "from_port": 12, + "protocol": 14, + "to_port": 13 + } + ], + "name": 2, + "tags": { + "Name": 7 + }, + "vpc_id": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -416,9 +597,15 @@ "Version": "2012-10-17" } }, + "line_config": { + "kms_data_key_reuse_period_seconds": 4, + "kms_master_key_id": 3, + "name": 2, + "policy": 6 + }, "skip_rules": null, "max_severity": "", "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-duplicate-locals.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-duplicate-locals.json index d14d8aaec..0804cf013 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-duplicate-locals.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-duplicate-locals.json @@ -1,20 +1,24 @@ { - "aws_iam_user": [ - { - "id": "aws_iam_user.lb", - "name": "lb", - "module_name": "dummy", - "source": "dummy/main.tf", - "plan_root": "./", - "line": 15, - "type": "aws_iam_user", - "config": { - "name": "joe != \"\" ? \"joe-fred\" : fred", - "tags": "${merge(${merge({\n CreatedBy = \"Terraform\"\n }, {\"this\":\"that\"})},\n {\n Name = joe != \"\" ? \"joe-fred\" : fred\n })}" - }, - "skip_rules": null, - "max_severity": "", - "min_severity": "" - } - ] - } \ No newline at end of file + "aws_iam_user": [ + { + "id": "aws_iam_user.lb", + "name": "lb", + "module_name": "dummy", + "source": "dummy/main.tf", + "plan_root": "./", + "line": 15, + "type": "aws_iam_user", + "config": { + "name": "joe != \"\" ? \"joe-fred\" : fred", + "tags": "${merge(${merge({\n CreatedBy = \"Terraform\"\n }, {\"this\":\"that\"})},\n {\n Name = joe != \"\" ? \"joe-fred\" : fred\n })}" + }, + "line_config": { + "name": 16, + "tags": 17 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" + } + ] +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json index de3989073..db61130ca 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-locals.json @@ -11,7 +11,12 @@ "config": { "name": "${lower(bar != null ? bar : bar)}" }, - "skip_rules": null + "line_config": { + "name": 14 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json index 9a1b8f284..fb4fd236c 100644 --- a/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json +++ b/pkg/iac-providers/terraform/v14/testdata/tfjson/recursive-loop-variables.json @@ -11,7 +11,12 @@ "config": { "container_definitions": "${templatefile(\n ${path.module}/${var.filename},\n {\n foo = \"bar\"\n }\n )}" }, - "skip_rules": null + "line_config": { + "container_definitions": 6 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/complex-variables.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/complex-variables.json index 51b1ad454..0963fe65b 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/complex-variables.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/complex-variables.json @@ -114,7 +114,25 @@ } ] }, - "skip_rules": null + "line_config": { + "boolList": 5, + "floatList": 4, + "intList": 3, + "listTuple": 9, + "list_no_type": 6, + "mapVar": 12, + "mapVarComplex": 13, + "objecVar": 11, + "objectList": 14, + "objectListComplex": 15, + "setVar": 7, + "stringList": 2, + "tupleVar": 8, + "tupleVarComplex": 10 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/config1.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/config1.json index 44e48961a..c6797ea1f 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/config1.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/config1.json @@ -40,6 +40,31 @@ "${aws_security_group.sg_playground.id}" ] }, + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -59,6 +84,12 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -76,6 +107,10 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, + "line_config": { + "key_name": 73, + "public_key": 74 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -101,6 +136,18 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -118,6 +165,10 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +217,35 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -187,6 +267,14 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,6 +296,14 @@ "Environment": "${var.environment_tag}" } }, + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules-recursive.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules-recursive.json index c92eb531c..19d9282b9 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules-recursive.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules-recursive.json @@ -12,7 +12,13 @@ "bucket": "${module.m3.fullbucketname}", "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -26,7 +32,13 @@ "bucket": "tf-test-project-2", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -54,7 +72,13 @@ "bucket": "asdfasdf", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules.json index 1094371ab..6bd101cff 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/deep-modules.json @@ -12,7 +12,13 @@ "bucket": "${module.m3.fullbucketname}", "policy": "${module.m2.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket", @@ -26,7 +32,13 @@ "bucket": "tf-test-project-2", "policy": "${module.m4a.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 12, + "policy": 13 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" }, { "id": "aws_s3_bucket.bucket4a", @@ -40,7 +52,13 @@ "bucket": "${module.m4c.fullbucketname}", "policy": "${module.m4b.fullbucketpolicy}" }, - "skip_rules": null + "line_config": { + "bucket": 21, + "policy": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/dummyconfig.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/dummyconfig.json index b8cc927d6..4aa1e9e87 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/dummyconfig.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/dummyconfig.json @@ -16,6 +16,15 @@ "region": "${var.region}" } }, + "line_config": { + "backend": 42, + "config": { + "bucket": 46, + "key": 47, + "profile": 44, + "region": 45 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -45,6 +54,17 @@ "test2": 5, "test3": "${1 + 2}" }, + "line_config": { + "arr": 5, + "hyphen-test": 6, + "quoted": 9, + "squoted": 10, + "temp": 7, + "temp2": 8, + "test1": 3, + "test2": 4, + "test3": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -70,6 +90,18 @@ "thing": "${[for x in local.arr: x * 2]}" } }, + "line_config": { + "other": { + "3": 18, + "a.b.c": 22, + "a.b.c[\"hi\"][3].*": 20, + "local.test1": 19, + "local.test3": 17, + "loop": 21, + "num": 15, + "thing": 16 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -89,6 +121,12 @@ "heredoc2": "\t\tAnother heredoc, that\n\t\tdoesn't remove indentation\n\t\tlocal.other.3\n\t\t%{if true ? false : true}\"gotcha\"\\n%{else}4%{endif}\n", "simple": "${4 - 2}" }, + "line_config": { + "cond": 32, + "heredoc": 28, + "heredoc2": 34, + "simple": 31 + }, "skip_rules": null, "max_severity": "", "min_severity": "" diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/fullconfig.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/fullconfig.json index 9c14c2197..b3e95fd4c 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/fullconfig.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/fullconfig.json @@ -41,7 +41,34 @@ "${aws_security_group.sg_playground.id}" ] }, - "skip_rules": null + "line_config": { + "ami": 78, + "instance_type": 79, + "key_name": 82, + "provisioner": [ + { + "remote-exec": { + "connection": [ + { + "host": 96, + "private_key": 99, + "type": 97, + "user": 98 + } + ], + "inline": 88 + } + } + ], + "subnet_id": 80, + "tags": { + "Environment": 84 + }, + "vpc_security_group_ids": 81 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_internet_gateway": [ @@ -59,7 +86,15 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "tags": { + "Environment": 17 + }, + "vpc_id": 15 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_key_pair": [ @@ -75,7 +110,13 @@ "key_name": "testKey", "public_key": "${file(var.public_key_path)}" }, - "skip_rules": null + "line_config": { + "key_name": 73, + "public_key": 74 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table": [ @@ -99,7 +140,21 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "route": [ + { + "cidr_block": 33, + "gateway_id": 34 + } + ], + "tags": { + "Environment": 37 + }, + "vpc_id": 31 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_route_table_association": [ @@ -115,7 +170,13 @@ "route_table_id": "${aws_route_table.rtb_public_playground.id}", "subnet_id": "${aws_subnet.subnet_public_playground.id}" }, - "skip_rules": null + "line_config": { + "route_table_id": 43, + "subnet_id": 42 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_security_group": [ @@ -162,7 +223,38 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "egress": [ + { + "cidr_blocks": 65, + "from_port": 62, + "protocol": 64, + "to_port": 63 + } + ], + "ingress": [ + { + "cidr_blocks": 53, + "from_port": 50, + "protocol": 52, + "to_port": 51 + }, + { + "cidr_blocks": 59, + "from_port": 56, + "protocol": 58, + "to_port": 57 + } + ], + "name": 47, + "tags": { + "Environment": 68 + }, + "vpc_id": 48 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_subnet": [ @@ -182,7 +274,17 @@ }, "vpc_id": "${aws_vpc.vpc_playground.id}" }, - "skip_rules": null + "line_config": { + "cidr_block": 23, + "map_public_ip_on_launch": 24, + "tags": { + "Environment": 26 + }, + "vpc_id": 22 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ], "aws_vpc": [ @@ -202,7 +304,17 @@ "Environment": "${var.environment_tag}" } }, - "skip_rules": null + "line_config": { + "cidr_block": 6, + "enable_dns_hostnames": 8, + "enable_dns_support": 7, + "tags": { + "Environment": 10 + } + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/moduleconfigs.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/moduleconfigs.json index 45676aefc..ea2195c7a 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/moduleconfigs.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/moduleconfigs.json @@ -127,6 +127,92 @@ } ] }, + "line_config": { + "default_cache_behavior": [ + { + "allowed_methods": 19, + "cached_methods": 20, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 27 + } + ], + "query_string": 24 + } + ], + "target_origin_id": 21, + "viewer_protocol_policy": 30 + } + ], + "enabled": 16, + "ordered_cache_behavior": [ + { + "allowed_methods": 35, + "cached_methods": 36, + "compress": 48, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 44 + } + ], + "headers": 41, + "query_string": 40 + } + ], + "path_pattern": 34, + "target_origin_id": 37, + "viewer_protocol_policy": 49 + }, + { + "allowed_methods": 54, + "cached_methods": 55, + "forwarded_values": [ + { + "cookies": [ + { + "forward": 62 + } + ], + "query_string": 59 + } + ], + "path_pattern": 53, + "target_origin_id": 56, + "viewer_protocol_policy": 66 + } + ], + "origin": [ + { + "domain_name": 8, + "origin_id": 9, + "s3_origin_config": [ + { + "origin_access_identity": 12 + } + ] + } + ], + "restrictions": [ + { + "geo_restriction": [ + { + "locations": 72, + "restriction_type": 71 + } + ] + } + ], + "viewer_certificate": [ + { + "cloudfront_default_certificate": 77, + "minimum_protocol_version": 78 + } + ] + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -147,6 +233,12 @@ "s3_bucket_name": "some-s3-bucket", "s3_key_prefix": "prefix" }, + "line_config": { + "include_global_service_events": 5, + "name": 2, + "s3_bucket_name": 3, + "s3_key_prefix": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -166,6 +258,11 @@ "family": "service", "network_mode": "bridge" }, + "line_config": { + "container_definitions": 4, + "family": 2, + "network_mode": 3 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -186,6 +283,12 @@ "Name": "not-encrypted" } }, + "line_config": { + "creation_token": 2, + "tags": { + "Name": 5 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -208,6 +311,14 @@ "parameter_group_name": "default.memcached1.4", "port": 11211 }, + "line_config": { + "cluster_id": 2, + "engine": 3, + "node_type": 4, + "num_cache_nodes": 5, + "parameter_group_name": 6, + "port": 7 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -225,6 +336,9 @@ "config": { "enable": false }, + "line_config": { + "enable": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -244,6 +358,11 @@ "status": "Inactive", "user": "root" }, + "line_config": { + "pgp_key": 3, + "status": 4, + "user": 2 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -272,6 +391,17 @@ "Environment": "kinesisEncryptedWithKms" } }, + "line_config": { + "encryption_type": 11, + "kms_key_id": 12, + "name": 2, + "retention_period": 4, + "shard_count": 3, + "shard_level_metrics": 6, + "tags": { + "Environment": 15 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -294,6 +424,14 @@ "Setup": "self-healing" } }, + "line_config": { + "description": 2, + "is_enabled": 3, + "tags": { + "Name": 5, + "Setup": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -319,6 +457,17 @@ "policy_name": "wu-tang-ssl", "policy_type_name": "SSLNegotiationPolicyType" }, + "line_config": { + "load_balancer_name": 2, + "policy_attribute": [ + { + "name": 7, + "value": 8 + } + ], + "policy_name": 3, + "policy_type_name": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -341,6 +490,14 @@ "Name": "nos3BucketSseRules" } }, + "line_config": { + "acl": 3, + "bucket": 2, + "tags": { + "Environment": 7, + "Name": 6 + } + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -385,6 +542,30 @@ }, "vpc_id": "some_dummy_vpc" }, + "line_config": { + "description": 3, + "egress": [ + { + "cidr_blocks": 23, + "from_port": 20, + "protocol": 22, + "to_port": 21 + } + ], + "ingress": [ + { + "cidr_blocks": 15, + "from_port": 12, + "protocol": 14, + "to_port": 13 + } + ], + "name": 2, + "tags": { + "Name": 7 + }, + "vpc_id": 4 + }, "skip_rules": null, "max_severity": "", "min_severity": "" @@ -405,21 +586,26 @@ "name": "terraform-example-queue", "policy": { "Statement": [ - { - "Action": "sqs:*", - "Effect": "Allow", - "Principal": "*", - "Resource": "arn:aws:sqs:*:111122223333:queue1", - "Sid": "Queue1_AnonymousAccess_AllActions_WhitelistIP" - } - ], - "Version": "2012-10-17" + { + "Action": "sqs:*", + "Effect": "Allow", + "Principal": "*", + "Resource": "arn:aws:sqs:*:111122223333:queue1", + "Sid": "Queue1_AnonymousAccess_AllActions_WhitelistIP" + } + ], + "Version": "2012-10-17" } }, + "line_config": { + "kms_data_key_reuse_period_seconds": 4, + "kms_master_key_id": 3, + "name": 2, + "policy": 6 + }, "skip_rules": null, "max_severity": "", "min_severity": "" - } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-locals.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-locals.json index 716d2a0cd..db61130ca 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-locals.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-locals.json @@ -11,7 +11,12 @@ "config": { "name": "${lower(bar != null ? bar : bar)}" }, - "skip_rules": null + "line_config": { + "name": 14 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] -} +} \ No newline at end of file diff --git a/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-variables.json b/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-variables.json index 9a1b8f284..fb4fd236c 100644 --- a/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-variables.json +++ b/pkg/iac-providers/terraform/v15/testdata/tfjson/recursive-loop-variables.json @@ -11,7 +11,12 @@ "config": { "container_definitions": "${templatefile(\n ${path.module}/${var.filename},\n {\n foo = \"bar\"\n }\n )}" }, - "skip_rules": null + "line_config": { + "container_definitions": 6 + }, + "skip_rules": null, + "max_severity": "", + "min_severity": "" } ] } \ No newline at end of file