From 1b29cbfa9806128b92e2ee0ac36f3b510670f6e9 Mon Sep 17 00:00:00 2001 From: Pankaj Patil Date: Sun, 30 May 2021 11:25:20 +0530 Subject: [PATCH] fix - source path for k8s file scan is absolute --- pkg/iac-providers/kubernetes/v1/load-dir.go | 26 +---------- .../kubernetes/v1/load-dir_test.go | 45 +++++++++---------- pkg/iac-providers/kubernetes/v1/load-file.go | 21 ++++++++- pkg/iac-providers/kubernetes/v1/types.go | 3 ++ 4 files changed, 46 insertions(+), 49 deletions(-) diff --git a/pkg/iac-providers/kubernetes/v1/load-dir.go b/pkg/iac-providers/kubernetes/v1/load-dir.go index f56002ba4..a606420bd 100644 --- a/pkg/iac-providers/kubernetes/v1/load-dir.go +++ b/pkg/iac-providers/kubernetes/v1/load-dir.go @@ -26,6 +26,8 @@ func (*K8sV1) getFileType(file string) string { // LoadIacDir loads all k8s files in the current directory func (k *K8sV1) LoadIacDir(absRootDir string, nonRecursive bool) (output.AllResourceConfigs, error) { + // set the root directory being scanned + k.absRootDir = absRootDir allResourcesConfig := make(map[string][]output.ResourceConfig) @@ -48,10 +50,6 @@ func (k *K8sV1) LoadIacDir(absRootDir string, nonRecursive bool) (output.AllReso } for key := range configData { - // the source path formed for each resources is absolute, which should be relative - resourceConfigs := configData[key] - makeSourcePathRelative(absRootDir, resourceConfigs) - allResourcesConfig[key] = append(allResourcesConfig[key], configData[key]...) } } @@ -59,23 +57,3 @@ func (k *K8sV1) LoadIacDir(absRootDir string, nonRecursive bool) (output.AllReso return allResourcesConfig, k.errIacLoadDirs } - -// makeSourcePathRelative modifies the source path of each resource from absolute to relative path -func makeSourcePathRelative(absRootDir string, resourceConfigs []output.ResourceConfig) { - for i := range resourceConfigs { - r := &resourceConfigs[i] - var err error - - oldSource := r.Source - - // update the source path - r.Source, err = filepath.Rel(absRootDir, r.Source) - - // though this error should never occur, but, if occurs for some reason, assign the old value of source back - if err != nil { - r.Source = oldSource - zap.S().Debug("error while getting the relative path for", zap.String("IAC file", oldSource), zap.Error(err)) - continue - } - } -} diff --git a/pkg/iac-providers/kubernetes/v1/load-dir_test.go b/pkg/iac-providers/kubernetes/v1/load-dir_test.go index 1f15fc927..f19e3e75d 100644 --- a/pkg/iac-providers/kubernetes/v1/load-dir_test.go +++ b/pkg/iac-providers/kubernetes/v1/load-dir_test.go @@ -105,44 +105,41 @@ func TestLoadIacDir(t *testing.T) { } -func TestMakeSourcePathRelative(t *testing.T) { +func Test_getSourceRelativePath(t *testing.T) { dir1, dir2 := "Dir1", "Dir2" sourcePath1 := filepath.Join(dir1, dir2, "filename.yaml") - sourcePath2 := filepath.Join(dir1, "someDir", "test.yaml") - - testResourceConfigs := []output.ResourceConfig{ - { - Source: sourcePath1, - }, - { - Source: sourcePath2, - }, - } type args struct { - absRootDir string - resourceConfigs []output.ResourceConfig + absRootDir string + sourcePath string } tests := []struct { - name string - expectedSourceValues []string - args args + name string + expectedRelPath string + args args }{ { - name: "test to verify path becomes relative", - expectedSourceValues: []string{filepath.Join(dir2, "filename.yaml"), filepath.Join("someDir", "test.yaml")}, + name: "empty root directory", + args: args{ + sourcePath: sourcePath1, + }, + expectedRelPath: "filename.yaml", + }, + { + name: "root directory not empty", args: args{ - absRootDir: dir1, - resourceConfigs: testResourceConfigs, + absRootDir: dir1, + sourcePath: sourcePath1, }, + expectedRelPath: filepath.Join(dir2, "filename.yaml"), }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - makeSourcePathRelative(tt.args.absRootDir, tt.args.resourceConfigs) - updatedSourceValues := []string{tt.args.resourceConfigs[0].Source, tt.args.resourceConfigs[1].Source} - if !utils.IsSliceEqual(tt.expectedSourceValues, updatedSourceValues) { - t.Errorf("expected source values %v, got %v", tt.expectedSourceValues, updatedSourceValues) + k := &K8sV1{absRootDir: tt.args.absRootDir} + gotRelPath := k.getSourceRelativePath(tt.args.sourcePath) + if gotRelPath != tt.expectedRelPath { + t.Errorf("Test_getSourceRelativePath() = unexpected relative path; want relPath: %s, got relPath: %s", tt.expectedRelPath, gotRelPath) } }) } diff --git a/pkg/iac-providers/kubernetes/v1/load-file.go b/pkg/iac-providers/kubernetes/v1/load-file.go index 995f53df0..11cccdf41 100644 --- a/pkg/iac-providers/kubernetes/v1/load-file.go +++ b/pkg/iac-providers/kubernetes/v1/load-file.go @@ -2,6 +2,9 @@ package k8sv1 import ( "fmt" + "os" + "path/filepath" + "strings" "github.com/accurics/terrascan/pkg/utils" @@ -42,9 +45,25 @@ func (k *K8sV1) LoadIacFile(absFilePath string) (allResourcesConfig output.AllRe } config.Line = doc.StartLine - config.Source = absFilePath + config.Source = k.getSourceRelativePath(absFilePath) allResourcesConfig[config.Type] = append(allResourcesConfig[config.Type], *config) } return allResourcesConfig, nil } + +// getSourceRelativePath fetches the relative path of file being loaded +func (k *K8sV1) getSourceRelativePath(sourceFile string) string { + + // rootDir should be empty when file scan was initiated by user + if k.absRootDir == "" { + pathFragments := strings.Split(sourceFile, string(os.PathSeparator)) + return pathFragments[len(pathFragments)-1] + } + relPath, err := filepath.Rel(k.absRootDir, sourceFile) + if err != nil { + zap.S().Debug("error while getting the relative path for", zap.String("IAC file", sourceFile), zap.Error(err)) + return sourceFile + } + return relPath +} diff --git a/pkg/iac-providers/kubernetes/v1/types.go b/pkg/iac-providers/kubernetes/v1/types.go index cd2093dfa..4f16f2028 100644 --- a/pkg/iac-providers/kubernetes/v1/types.go +++ b/pkg/iac-providers/kubernetes/v1/types.go @@ -21,6 +21,9 @@ import "github.com/hashicorp/go-multierror" // K8sV1 struct implements the IacProvider interface type K8sV1 struct { errIacLoadDirs *multierror.Error + // absRootDir is the root directory being scanned. + // if a file scan was initiated, absRootDir should be empty. + absRootDir string } const (