Add support to extract rules to skip from terraform comments #434
Codecov Report

```
@@ Coverage Diff @@
##           master     #434      +/-   ##
==========================================
+ Coverage   74.46%   74.57%   +0.11%
==========================================
  Files          87       88       +1
  Lines        2005     2014       +9
==========================================
+ Hits         1493     1502       +9
  Misses        379      379
  Partials      133      133
```
"github.com/accurics/terrascan/pkg/iac-providers/output"
var (
skipRulesPattern = regexp.MustCompile(`#ts:skip=\s*(([A-Za-z0-9]+\.?){5})(\s*,\s*([A-Za-z0-9]+\.?){5})*`)
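Review bot: the `{5}` repetition in `skipRulesPattern` does not actually enforce five dot-separated segments, because the dot in `([A-Za-z0-9]+\.?){5}` is optional: a token such as `ABCDE` (five single characters, no dots) matches, and so does an id with a trailing dot. If the intended shape is `AWS.S3Bucket.DS.High.1041`, a per-id pattern like `[A-Za-z0-9]+(\.[A-Za-z0-9]+){4}` expresses it; keeping that per-id pattern in one named constant would also localize the change when the rule ID format is revised before the next release, as the review thread anticipates. Note as well that the capturing groups yield only the first id (group 1) and the last `,id` repetition (group 3), so the caller still has to split the full match on commas to recover every id.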
Just FYI, I think the rule ID format may go through some changes prior to the next release.
Yes, kept that in mind!
…urce config comments (compare c329a3f to 380e60a)
Changes look fine, my only thought is about the skip_rules param when it is null. Shall we mark this in the json as omitempty? It seems like that would simplify some of the test data by not having to include it when null. Also, it prevents an empty field from being printed out in the yaml/json/xml output.
@williepaul, I agree with you and I do not have a problem using
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information
This PR adds support for extracting rule ids to skip policy evaluation. These rules can be set as a comma-separated list of rule ids in the comments of terraform resource config in the following pattern:
#ts:skip=AWS.S3Bucket.DS.High.1041, AWS.S3Bucket.DS.High.1042
Example of a terraform resource config with rules to skip policy evaluation:
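The following is an added, stand-alone Go example that is not part of this PR or of terrascan's own code. It assumes the `#ts:skip=` comment syntax from the PR description, assumes (as the review thread notes may change) that a rule id is five dot-separated alphanumeric segments, and uses a hypothetical `Resource` struct whose `skip_rules` field carries the `omitempty` tag suggested in review. The sample resource block is constructed for the example. Skipped rule ids are kept on the resource record rather than silently dropped, so a report can still show which checks were suppressed and where, and malformed tokens are returned separately so they can be surfaced instead of being ignored.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// ruleIDPattern matches one rule id: five alphanumeric segments joined
// by dots (assumed format, e.g. AWS.S3Bucket.DS.High.1041). The dots are
// mandatory, so "ABCDE" or an id with a trailing dot is rejected.
const ruleIDPattern = `[A-Za-z0-9]+(?:\.[A-Za-z0-9]+){4}`

var (
	// skipDirective finds "#ts:skip=" and captures the rest of the line.
	skipDirective = regexp.MustCompile(`#ts:skip=\s*(.*)$`)
	// ruleIDRe validates a single comma-separated token as a whole.
	ruleIDRe = regexp.MustCompile(`^` + ruleIDPattern + `$`)
)

// Resource is a hypothetical stand-in for an IaC provider output record.
// omitempty keeps an empty skip_rules field out of the rendered output.
type Resource struct {
	Name      string   `json:"name"`
	SkipRules []string `json:"skip_rules,omitempty"`
}

// sampleResource is a constructed terraform block with two skip
// directives; the second repeats an id and contains a malformed token.
const sampleResource = `resource "aws_s3_bucket" "example" {
  #ts:skip=AWS.S3Bucket.DS.High.1041, AWS.S3Bucket.DS.High.1042
  bucket = "example-bucket"
  acl    = "private"   #ts:skip=AWS.S3Bucket.DS.High.1041, not.a.rule
}
`

// ExtractSkipRules scans a resource block line by line for #ts:skip=
// directives. It returns the well-formed rule ids in order of first
// appearance (duplicates dropped) and, separately, any tokens that do
// not look like a rule id so the caller can report them.
func ExtractSkipRules(block string) (rules []string, invalid []string) {
	seen := map[string]bool{}
	for _, line := range strings.Split(block, "\n") {
		m := skipDirective.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		for _, tok := range strings.Split(m[1], ",") {
			id := strings.TrimSpace(tok)
			if id == "" {
				continue
			}
			if !ruleIDRe.MatchString(id) {
				invalid = append(invalid, id)
				continue
			}
			if !seen[id] {
				seen[id] = true
				rules = append(rules, id)
			}
		}
	}
	return rules, invalid
}

// RenderResource marshals a resource to JSON; with a nil or empty rules
// slice the skip_rules key is omitted entirely.
func RenderResource(name string, rules []string) (string, error) {
	b, err := json.Marshal(Resource{Name: name, SkipRules: rules})
	if err != nil {
		return "", err
	}
	return string(b), nil
}

func main() {
	rules, invalid := ExtractSkipRules(sampleResource)
	out, err := RenderResource("aws_s3_bucket.example", rules)
	if err != nil {
		panic(err)
	}
	fmt.Println(out)
	for _, tok := range invalid {
		fmt.Printf("ignored malformed skip token %q\n", tok)
	}
}
```

Splitting the directive on commas and validating each token against an anchored per-id pattern is easier to adapt than one large repeated regex: when the rule id format changes, only `ruleIDPattern` needs to move.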