support for module name in violation summary #774

Merged
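--- a/pkg/iac-providers/output/types.go
+++ b/pkg/iac-providers/output/types.go
@@ -24,13 +24,14 @@ import (
 
 // ResourceConfig describes a resource present in IaC
 type ResourceConfig struct {
-ID string `json:"id"`
-Name string `json:"name"`
-Source string `json:"source"`
-PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" `
-Line int `json:"line"`
-Type string `json:"type"`
-Config interface{} `json:"config"`
+ID string `json:"id"`
+Name string `json:"name"`
+ModuleName string `json:"module_name,omitempty" yaml:"module_name,omitempty"`
+Source string `json:"source"`
+PlanRoot string `json:"plan_root,omitempty" yaml:"plan_root,omitempty" `
+Line int `json:"line"`
+Type string `json:"type"`
+Config interface{} `json:"config"`
 // SkipRules will hold the rules to be skipped for the resource.
 // Each iac provider should append the rules to be skipped for a resource,
 // while extracting resource from the iac files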
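Review bot: The new `ModuleName` field in `ResourceConfig` carries no comment, and its meaning is not obvious from the type alone. Elsewhere in this change it is set to the literal `root` for the root module and to the module call label for child modules, while `omitempty` drops the key whenever nothing sets it. I would document that on the field, for example `// ModuleName is the terraform module call name the resource was declared in; "root" for the root module`, so consumers of the JSON/YAML output know that an absent key means "not populated" rather than "root". The struct body continues past the end of the hunk.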
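--- a/pkg/iac-providers/terraform/commons/load-dir.go
+++ b/pkg/iac-providers/terraform/commons/load-dir.go
@@ -46,6 +46,7 @@ var (
 type ModuleConfig struct {
 Config *hclConfigs.Config
 ParentModuleCall *hclConfigs.ModuleCall
+Name string
 }
 
 // TerraformDirectoryLoader implements terraform directory loading
@@ -136,7 +137,7 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
 */
 
 // queue of for BFS, add root module config to it
-root := &ModuleConfig{Config: unified.Root}
+root := &ModuleConfig{Config: unified.Root, Name: "root"}
 configsQ := []*ModuleConfig{root}
 
 // using BFS traverse through all modules in the unified config tree
@@ -160,6 +161,9 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
 continue
 }
 
+// set module name
+resourceConfig.ModuleName = current.Name
+
 // resolve references
 resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))
 
@@ -193,13 +197,7 @@ func (t TerraformDirectoryLoader) loadDirRecursive(dirList []string) (output.All
 }
 
 // add all current's children to the queue
-for childName, childModule := range current.Config.Children {
-childModuleConfig := &ModuleConfig{
-Config: childModule,
-ParentModuleCall: current.Config.Module.ModuleCalls[childName],
-}
-configsQ = append(configsQ, childModuleConfig)
-}
+configsQ = append(configsQ, current.getChildConfigs()...)
 }
 }
 
@@ -253,7 +251,7 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
 */
 
 // queue of for BFS, add root module config to it
-root := &ModuleConfig{Config: unified.Root}
+root := &ModuleConfig{Config: unified.Root, Name: "root"}
 configsQ := []*ModuleConfig{root}
 
 // using BFS traverse through all modules in the unified config tree
@@ -276,6 +274,9 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
 return allResourcesConfig, multierror.Append(t.errIacLoadDirs, results.DirScanErr{IacType: "terraform", Directory: t.absRootDir, ErrMessage: "failed to create ResourceConfig"})
 }
 
+// set module name
+resourceConfig.ModuleName = current.Name
+
 // resolve references
 resourceConfig.Config = r.ResolveRefs(resourceConfig.Config.(jsonObj))
 
@@ -301,13 +302,7 @@ func (t TerraformDirectoryLoader) loadDirNonRecursive() (output.AllResourceConfi
 }
 
 // add all current's children to the queue
-for childName, childModule := range current.Config.Children {
-childModuleConfig := &ModuleConfig{
-Config: childModule,
-ParentModuleCall: current.Config.Module.ModuleCalls[childName],
-}
-configsQ = append(configsQ, childModuleConfig)
-}
+configsQ = append(configsQ, current.getChildConfigs()...)
 }
 
 // successful
@@ -389,3 +384,17 @@ func (t TerraformDirectoryLoader) processTerraformRegistrySource(req *hclConfigs
 
 return pathToModule, nil
 }
+
+// getChildConfigs will get all child configs in a ModuleConfig
+func (m *ModuleConfig) getChildConfigs() []*ModuleConfig {
+allConfigs := make([]*ModuleConfig, 0)
+for childName, childModule := range m.Config.Children {
+childModuleConfig := &ModuleConfig{
+Config: childModule,
+ParentModuleCall: m.Config.Module.ModuleCalls[childName],
+Name: childName,
+}
+allConfigs = append(allConfigs, childModuleConfig)
+}
+return allConfigs
+}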
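Review bot: `getChildConfigs` records only the call label (`Name: childName`), so the resulting `module_name` does not identify a module uniquely. Two different parents that each call a child with the same label yield the same value, and, if Terraform accepts such a label, a module call named `root` cannot be told apart from the `Name: "root"` sentinel set in `loadDirRecursive` and `loadDirNonRecursive`. Since this value ends up in the violation summary, a finding declared in a nested module could be read as belonging to the top-level configuration. Consider storing the full module path rather than the leaf label (the config tree node may already expose one; confirm against the vendored `hclConfigs.Config`), and document the `root` sentinel on `ModuleConfig.Name`. As a smaller point, `make([]*ModuleConfig, 0)` can be pre-sized as `make([]*ModuleConfig, 0, len(m.Config.Children))`.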
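--- a/pkg/iac-providers/terraform/commons/load-file.go
+++ b/pkg/iac-providers/terraform/commons/load-file.go
@@ -58,6 +58,10 @@ func LoadIacFile(absFilePath string) (allResourcesConfig output.AllResourceConfi
 return allResourcesConfig, fmt.Errorf("failed to create ResourceConfig")
 }
 
+// set module name
+// module name for the file scan will always be root
+resourceConfig.ModuleName = "root"
+
 // extract file name from path
 resourceConfig.Source = getFileName(resourceConfig.Source)
 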
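Review bot: The literal in `resourceConfig.ModuleName = "root"` is the third inline copy of this sentinel in the change; the two directory loaders in load-dir.go spell it out as `Name: "root"` as well. A single constant shared by all three sites, e.g. `const rootModuleName = "root"` (both files appear to live in the same package directory), would keep file scans and directory scans reporting the same value if it is ever changed. `LoadIacFile` starts and ends outside the hunk.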
10 changes: 9 additions & 1 deletion pkg/iac-providers/terraform/v12/testdata/tfjson/config1.json
Expand Up @@ -3,6 +3,7 @@
{
"id": "aws_instance.instance_playground",
"name": "instance_playground",
"module_name": "root",
"source": "config1.tf",
"line": 77,
"type": "aws_instance",
Expand Down Expand Up @@ -46,6 +47,7 @@
{
"id": "aws_internet_gateway.igw_playground",
"name": "igw_playground",
"module_name": "root",
"source": "config1.tf",
"line": 14,
"type": "aws_internet_gateway",
Expand All @@ -62,6 +64,7 @@
{
"id": "aws_key_pair.ec2key_playground",
"name": "ec2key_playground",
"module_name": "root",
"source": "config1.tf",
"line": 72,
"type": "aws_key_pair",
Expand All @@ -76,6 +79,7 @@
{
"id": "aws_route_table.rtb_public_playground",
"name": "rtb_public_playground",
"module_name": "root",
"source": "config1.tf",
"line": 30,
"type": "aws_route_table",
Expand All @@ -98,6 +102,7 @@
{
"id": "aws_route_table_association.rta_subnet_public_playground",
"name": "rta_subnet_public_playground",
"module_name": "root",
"source": "config1.tf",
"line": 41,
"type": "aws_route_table_association",
Expand All @@ -112,6 +117,7 @@
{
"id": "aws_security_group.sg_playground",
"name": "sg_playground",
"module_name": "root",
"source": "config1.tf",
"line": 46,
"type": "aws_security_group",
Expand Down Expand Up @@ -157,6 +163,7 @@
{
"id": "aws_subnet.subnet_public_playground",
"name": "subnet_public_playground",
"module_name": "root",
"source": "config1.tf",
"line": 21,
"type": "aws_subnet",
Expand All @@ -175,6 +182,7 @@
{
"id": "aws_vpc.vpc_playground",
"name": "vpc_playground",
"module_name": "root",
"source": "config1.tf",
"line": 5,
"type": "aws_vpc",
Expand All @@ -189,4 +197,4 @@
"skip_rules": null
}
]
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"module_name": "m1",
"source": "modules/m1/main.tf",
"plan_root": "./",
"line": 20,
Expand All @@ -16,6 +17,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"module_name": "m4",
"source": "modules/m4/main.tf",
"plan_root": "./",
"line": 11,
Expand All @@ -29,6 +31,7 @@
{
"id": "aws_s3_bucket.bucket4a",
"name": "bucket4a",
"module_name": "m4a",
"source": "modules/m4/modules/m4a/main.tf",
"plan_root": "./",
"line": 20,
Expand All @@ -42,6 +45,7 @@
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"module_name": "root",
"source": "modules/m4/main.tf",
"plan_root": "modules/m4",
"line": 11,
80 changes: 43 additions & 37 deletions pkg/iac-providers/terraform/v12/testdata/tfjson/deep-modules.json
@@ -1,40 +1,46 @@
{
"aws_s3_bucket": [
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"source": "modules/m1/main.tf",
"plan_root": "./",
"line": 20,
"type": "aws_s3_bucket",
"config": {
"bucket": "${module.m3.fullbucketname}",
"policy": "${module.m2.fullbucketpolicy}"
}
"aws_s3_bucket": [
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"module_name": "m1",
"source": "modules/m1/main.tf",
"plan_root": "./",
"line": 20,
"type": "aws_s3_bucket",
"config": {
"bucket": "${module.m3.fullbucketname}",
"policy": "${module.m2.fullbucketpolicy}"
},
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"source": "modules/m4/main.tf",
"plan_root": "./",
"line": 11,
"type": "aws_s3_bucket",
"config": {
"bucket": "tf-test-project-2",
"policy": "${module.m4a.fullbucketpolicy}"
}
"skip_rules": null
},
{
"id": "aws_s3_bucket.bucket",
"name": "bucket",
"module_name": "m4",
"source": "modules/m4/main.tf",
"plan_root": "./",
"line": 11,
"type": "aws_s3_bucket",
"config": {
"bucket": "tf-test-project-2",
"policy": "${module.m4a.fullbucketpolicy}"
},
{
"id": "aws_s3_bucket.bucket4a",
"name": "bucket4a",
"source": "modules/m4/modules/m4a/main.tf",
"plan_root": "./",
"line": 20,
"type": "aws_s3_bucket",
"config": {
"bucket": "${module.m4c.fullbucketname}",
"policy": "${module.m4b.fullbucketpolicy}"
}
}
]
}
"skip_rules": null
},
{
"id": "aws_s3_bucket.bucket4a",
"name": "bucket4a",
"module_name": "m4a",
"source": "modules/m4/modules/m4a/main.tf",
"plan_root": "./",
"line": 20,
"type": "aws_s3_bucket",
"config": {
"bucket": "${module.m4c.fullbucketname}",
"policy": "${module.m4b.fullbucketpolicy}"
},
"skip_rules": null
}
]
}
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
{
"id": "terraform_remote_state.remote",
"name": "remote",
"module_name": "root",
"source": "dummyconfig.tf",
"line": 41,
"type": "terraform_remote_state",
Expand All @@ -22,6 +23,7 @@
{
"id": "type1.resource1",
"name": "resource1",
"module_name": "root",
"source": "dummyconfig.tf",
"line": 1,
"type": "type1",
Expand All @@ -48,6 +50,7 @@
{
"id": "type2.resource2",
"name": "resource2",
"module_name": "root",
"source": "dummyconfig.tf",
"line": 13,
"type": "type2",
Expand All @@ -70,6 +73,7 @@
{
"id": "type3.resource3",
"name": "resource3",
"module_name": "root",
"source": "dummyconfig.tf",
"line": 26,
"type": "type3",