package terraformplan
import (
"os"
"path/filepath"
"k8s.io/utils/strings/slices"
"github.com/zhyocean/trivy/pkg/fanal/analyzer"
"github.com/zhyocean/trivy/pkg/fanal/analyzer/config"
"github.com/zhyocean/trivy/pkg/misconf"
)
// analyzerType is the analyzer identifier this package registers and builds
// its config.Analyzer under.
const analyzerType = analyzer.TypeTerraformPlan

// version is the analyzer version handed to config.NewAnalyzer.
const version = 1

// requiredExts lists the file extensions Required accepts. Only the extension
// is compared, so every ".json" file is selected.
var requiredExts = []string{".json"}
// init registers this package's analyzer as a post-analyzer under
// analyzerType, passing newTerraformPlanConfigAnalyzer as its constructor.
func init() {
	analyzer.RegisterPostAnalyzer(
		analyzerType,
		newTerraformPlanConfigAnalyzer,
	)
}
// terraformPlanConfigAnalyzer is an analyzer for detecting misconfigurations in
// Terraform plan files; it is built around misconf.NewTerraformPlanScanner and
// its Required method selects files by their ".json" extension.
// It embeds config.Analyzer so it can implement analyzer.PostAnalyzer.
type terraformPlanConfigAnalyzer struct {
// Embedded (not a named field) so the methods of *config.Analyzer are promoted.
*config.Analyzer
}
// newTerraformPlanConfigAnalyzer builds the post-analyzer for Terraform plan
// files. It creates a config.Analyzer wired to misconf.NewTerraformPlanScanner
// and wraps it; an error from config.NewAnalyzer is returned unchanged.
func newTerraformPlanConfigAnalyzer(opts analyzer.AnalyzerOptions) (analyzer.PostAnalyzer, error) {
	base, err := config.NewAnalyzer(analyzerType, version, misconf.NewTerraformPlanScanner, opts)
	if err != nil {
		return nil, err
	}

	wrapped := &terraformPlanConfigAnalyzer{Analyzer: base}
	return wrapped, nil
}
// Required overrides config.Analyzer.Required() and reports whether filePath
// has one of the extensions in requiredExts (currently only ".json").
//
// The check looks at the extension alone: the file's contents and FileInfo are
// not inspected, and the comparison is case-sensitive, so "plan.JSON" is not
// selected while any other ".json" file is.
// NOTE(review): since arbitrary JSON is selected here, the scanner presumably
// has to tolerate input that is not a Terraform plan — confirm in misconf.
func (*terraformPlanConfigAnalyzer) Required(filePath string, _ os.FileInfo) bool {
	ext := filepath.Ext(filePath)
	return slices.Contains(requiredExts, ext)
}