adds support to scan sub folders for terraform iac provider #640
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #640 +/- ##
==========================================
+ Coverage 73.00% 73.78% +0.78%
==========================================
Files 110 110
Lines 3178 3285 +107
==========================================
+ Hits 2320 2424 +104
- Misses 674 677 +3
Partials 184 184
|
patilpankaj212
force-pushed
the
tf-recursive-poc
branch
5 times, most recently
from
5568a30
to
e860bcf
Compare
patilpankaj212
force-pushed
the
tf-recursive-poc
branch
from
3ef6d95
to
d3ff6be
Compare
patilpankaj212
force-pushed
the
tf-recursive-poc
branch
6 times, most recently
from
70eb5a5
to
0fd882f
Compare
patilpankaj212
force-pushed
the
tf-recursive-poc
branch
from
88a64fc
to
560244c
Compare
|
Kudos, SonarCloud Quality Gate passed!
|
kanchwala-yusuf
approved these changes
May 7, 2021
| @@ -92,6 +92,9 @@ type ScanOptions struct { | |||
|
|
|||
| // showPassedRules indicates whether to display passed rules or not | |||
| showPassedRules bool | |||
|
|
|||
| // nonRecursive enables recursive scan for the terraform iac provider | |||
There was a problem hiding this comment.
We need to update the comment to mention non-recursive scan
| } | ||
|
|
||
| // NewTerraformDirectoryLoader creates a new terraformDirectoryLoader | ||
| func NewTerraformDirectoryLoader(rootDirectory string, nonRecursive bool) TerraformDirectoryLoader { |
| // iac providers that support sub folder scanning | ||
| // this needs be updated when other iac providers implement | ||
| // sub folder scanning | ||
| iacWithSubFolderScan := []string{"all", "k8s", "helm"} | ||
| if nonRecursive && iacType == "terraform" { |
There was a problem hiding this comment.
I guess, there is no other option but to implement an IaC specific check
| return false | ||
| } | ||
|
|
||
| iacWithSubFolderScan := []string{"all", "k8s", "helm", "terraform"} |
There was a problem hiding this comment.
Not in this PR, but we should have this information at the time of IaC registration and create a list of iac types which implement recursive scanning in the init() of package iac-providers. And we can fetch it from there, hence eliminating the need to hard code these values here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
--non-recursiveflagplan_rootis added in the resource config and violations summary output