Terrascan init and config handling refactor #576
Conversation
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
2 times, most recently
from
d03f7c3
to
2d64a97
Compare
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
2 times, most recently
from
1ca848a
to
5b9f3fa
Compare
devang-gaur
changed the title
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
from
9845a54
to
51d8817
Compare
Codecov Report
@@ Coverage Diff @@
## master #576 +/- ##
==========================================
- Coverage 78.13% 78.08% -0.06%
==========================================
Files 103 104 +1
Lines 2570 2596 +26
==========================================
+ Hits 2008 2027 +19
- Misses 420 422 +2
- Partials 142 147 +5
|
devang-gaur
changed the title
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
2 times, most recently
from
eafa454
to
b2f9759
Compare
devang-gaur
changed the title
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
2 times, most recently
from
fe97d9b
to
85e6077
Compare
pkg/cli/register.go
Outdated
| @@ -43,8 +46,24 @@ func Execute() { | |||
| cobra.OnInitialize(func() { | |||
| // Set up the logger | |||
| logging.Init(LogType, LogLevel) | |||
|
|
|||
| var configfile string | |||
There was a problem hiding this comment.
I believe we can completely get rid of configfile variable
pkg/cli/register.go
Outdated
| ) | ||
|
|
||
| const configEnvvarName = "TERRASCAN_CONFIG" |
There was a problem hiding this comment.
We can Globally export this env variable in config package
| ) | ||
|
|
||
| func TestLoadGlobalConfig(t *testing.T) { | ||
| testConfigFile := "./testdata/terrascan-config.toml" | ||
| absDefaultBasePolicyPath, absDefaultPolicyRepoPath, _ := utils.GetAbsPolicyConfigPaths(defaultBasePolicyPath, defaultPolicyRepoPath) |
There was a problem hiding this comment.
It would be better to handle errors here!
pkg/initialize/run.go
Outdated
| if isScanCmd { | ||
| if path, err := os.Stat(config.GetPolicyRepoPath()); err == nil && path.IsDir() { | ||
|
|
||
| zap.S().Debug("EXISTS AND IS A DIR") |
There was a problem hiding this comment.
Can we please improve this debug message? or remove it?
pkg/initialize/run.go
Outdated
|
|
||
| zap.S().Debug("EXISTS AND IS A DIR") | ||
| if isNonInitCmd { | ||
| zap.S().Debug("IS NON INIT") |
There was a problem hiding this comment.
Can we please improve this debug message? or remove it?
pkg/notifications/notifiers.go
Outdated
| // ErrTomlKeyNotPresent will be returned when config file does not have notificationsConfigKey | ||
| ErrTomlKeyNotPresent = fmt.Errorf("key not present in toml config") | ||
| // ErrNotificationNotPresent error is caused when there isn't any notification present in the config | ||
| ErrNotificationNotPresent = fmt.Errorf("no notification present") |
There was a problem hiding this comment.
Let's try to indicate that the notifications are not present in config file
pkg/notifications/notifiers.go
Outdated
| return notifiers, ErrTomlKeyNotPresent | ||
| notifications := config.GetNotifications() | ||
| if len(notifications) == 0 { | ||
| zap.S().Debug("no notification detected from config") |
There was a problem hiding this comment.
May be we can improve this message, something like no notification specified in config
| @@ -18,16 +18,16 @@ package runtime | |||
|
|
|||
| import ( | |||
| "fmt" | |||
| iacProvider "github.com/accurics/terrascan/pkg/iac-providers" | |||
There was a problem hiding this comment.
Please run goimports -e -w pkg/!
There was a problem hiding this comment.
thanks for pointing out
| if len(configReader.GetSeverity().Level) > 0 { | ||
| e.severity = configReader.GetSeverity().Level | ||
| if len(config.GetSeverityLevel()) > 0 { | ||
| e.severity = config.GetSeverityLevel() |
There was a problem hiding this comment.
Please check why rules_test.go is deleted?
There was a problem hiding this comment.
I recall that rules_test.go was checking how rules are being parsed from the config file. and now that logic has been shifted inside LoadGlobalConfig itself now.
| @@ -64,6 +65,12 @@ func Run(isScanCmd bool) error { | |||
|
|
|||
| // DownloadPolicies clones the policies to a local folder | |||
| func DownloadPolicies() error { | |||
|
|
|||
| policyBasePath := config.GetPolicyBasePath() | |||
There was a problem hiding this comment.
instead of assigning new variables, we can use values directly?
There was a problem hiding this comment.
changes made where feasible
pkg/cli/register.go
Outdated
| configfile = os.Getenv(configEnvvarName) | ||
| } | ||
|
|
||
| zap.S().Debugf("%s=%s", configEnvvarName, os.Getenv(configEnvvarName)) |
There was a problem hiding this comment.
if env variable is not specified, we would log:
TERRASCAN_CONFIG=, is that okay?
also, we are using : when logging a value.
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
from
85e6077
to
e0c6af6
Compare
…t specified together
devang-gaur
force-pushed
the
terrascan_init_refactor
branch
from
e0c6af6
to
10d8469
Compare
|
Kudos, SonarCloud Quality Gate passed!
|
fixes #550 . fixes #570, fixes #619
This refactor is mainly regarding how config is handled in terrascan code. These above mentioned bug fixes are a ripple effect of this refactor.
Regarding #619 , a warning will be logged every time the user specify only one of the two policy path params, path & rego_subdir . after the warning, the default value will be applied for the unspecified of the two policy path parameter.
Regarding config, the global scoped configuration will be loaded once and only once, into singleton object, to maintain a single source of truth. To access the config values, getter functions such as config.GetPolicyBasePath( ) must be used.
PS : make sure you don't store the config values in a package scoped variable like below or inside the init( ) method,
that won't work as those values are loaded in compile time whereas the config itself is loaded in runtime. So, that compile time loaded variable, demoPath's, value would be blank.