-
Notifications
You must be signed in to change notification settings - Fork 504
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
adds support to scan sub folders for terraform iac provider #640
adds support to scan sub folders for terraform iac provider #640
Conversation
Codecov Report
@@ Coverage Diff @@
## master #640 +/- ##
==========================================
+ Coverage 73.00% 73.78% +0.78%
==========================================
Files 110 110
Lines 3178 3285 +107
==========================================
+ Hits 2320 2424 +104
- Misses 674 677 +3
Partials 184 184
|
5568a30
to
e860bcf
Compare
3ef6d95
to
d3ff6be
Compare
70eb5a5
to
0fd882f
Compare
88a64fc
to
560244c
Compare
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
@@ -92,6 +92,9 @@ type ScanOptions struct { | |||
|
|||
// showPassedRules indicates whether to display passed rules or not | |||
showPassedRules bool | |||
|
|||
// nonRecursive enables recursive scan for the terraform iac provider |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to update the comment to mention non-recursive scan
} | ||
|
||
// NewTerraformDirectoryLoader creates a new terraformDirectoryLoader | ||
func NewTerraformDirectoryLoader(rootDirectory string, nonRecursive bool) TerraformDirectoryLoader { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good work!
// iac providers that support sub folder scanning | ||
// this needs be updated when other iac providers implement | ||
// sub folder scanning | ||
iacWithSubFolderScan := []string{"all", "k8s", "helm"} | ||
if nonRecursive && iacType == "terraform" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess, there is no other option but to implement an IaC specific check
return false | ||
} | ||
|
||
iacWithSubFolderScan := []string{"all", "k8s", "helm", "terraform"} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not in this PR, but we should have this information at the time of IaC registration and create a list of iac types which implement recursive scanning in the init()
of package iac-providers
. And we can fetch it from there, hence eliminating the need to hard code these values here.
--non-recursive
flagplan_root
is added in the resource config and violations summary output