actions/superlint
1
0
Fork 0
mirror of https://github.com/super-linter/super-linter.git synced 2024-11-09 18:43:34 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #632 from cesar-rodriguez/terrascan-v1

Browse source 
Updates to support Terrascan v1.0.0+
This commit is contained in:
Lukas Gravley 2020-08-27 08:54:31 -05:00 committed by GitHub
commit c632d56548
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 26 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.automation/test/terraform/good/terraform_good_1.tf
View file

@ -3,6 +3,8 @@ resource "aws_instance" "good" {
instance_type = "t2.small" instance_type = "t2.small"
associate_public_ip_address = false associate_public_ip_address = false
vpc_security_group_ids = ["sg-12345678901234567"]
ebs_block_device { ebs_block_device {
encrypted = true encrypted = true
} }

11
.automation/test/terraform_terrascan/bad/terraform_bad_1.tf
View file

@ -1,9 +1,8 @@
resource "aws_instance" "bad" { resource "aws_instance" "instanceWithNoVpc" {
ami = "ami-0ff8a91507f77f867" ami = "some-id"
instance_type = "t2.small" instance_type = "t2.micro"
associate_public_ip_address = true
ebs_block_device { tags = {
encrypted = true Name = "HelloWorld"
} }
} }

14
.automation/test/terraform_terrascan/good/terraform_good_1.tf
View file

@ -1,9 +1,11 @@
resource "aws_instance" "good" { resource "aws_instance" "instanceWithVpc" {
ami = "ami-0ff8a91507f77f867" ami = "some-id"
instance_type = "t2.small" instance_type = "t2.micro"
associate_public_ip_address = false
ebs_block_device { vpc_security_group_ids = ["sg-12345678901234567"]
encrypted = true subnet_id = "subnet-12345678901234567"
tags = {
Name = "HelloWorld"
} }
} }

8
Dockerfile
View file

@ -14,6 +14,7 @@ FROM golangci/golangci-lint:v1.30.0 as golangci-lint
FROM yoheimuta/protolint:v0.26.0 as protolint FROM yoheimuta/protolint:v0.26.0 as protolint
FROM koalaman/shellcheck:v0.7.1 as shellcheck FROM koalaman/shellcheck:v0.7.1 as shellcheck
FROM wata727/tflint:0.19.1 as tflint FROM wata727/tflint:0.19.1 as tflint
FROM accurics/terrascan:latest as terrascan
FROM hadolint/hadolint:latest-alpine as dockerfile-lint FROM hadolint/hadolint:latest-alpine as dockerfile-lint
FROM assignuser/lintr-lib:v0.1.0 as lintr-lib FROM assignuser/lintr-lib:v0.1.0 as lintr-lib
FROM assignuser/chktex-alpine:v0.1.0 as chktex FROM assignuser/chktex-alpine:v0.1.0 as chktex
@ -166,6 +167,13 @@ COPY --from=golangci-lint /usr/bin/golangci-lint /usr/bin/
################## ##################
COPY --from=tflint /usr/local/bin/tflint /usr/bin/ COPY --from=tflint /usr/local/bin/tflint /usr/bin/
##################
# Install Terrascan #
##################
COPY --from=terrascan /go/bin/terrascan /usr/bin/
RUN terrascan init
###################### ######################
# Install protolint # # Install protolint #
###################### ######################

2
README.md
View file

@ -236,7 +236,7 @@ But if you wish to select or exclude specific linters, we give you full control
| **VALIDATE_STATES** | `true` | Flag to enable or disable the linting process for AWS States Language. | | **VALIDATE_STATES** | `true` | Flag to enable or disable the linting process for AWS States Language. |
| **VALIDATE_SQL** | `true` | Flag to enable or disable the linting process of the SQL language. | | **VALIDATE_SQL** | `true` | Flag to enable or disable the linting process of the SQL language. |
| **VALIDATE_TERRAFORM** | `true` | Flag to enable or disable the linting process of the Terraform language. | | **VALIDATE_TERRAFORM** | `true` | Flag to enable or disable the linting process of the Terraform language. |
| **VALIDATE_TERRAFORM_TERRASCAN** | `false` | Flag to enable or disable the linting process of the Terraform language for security related issues. | | **VALIDATE_TERRAFORM_TERRASCAN** | `true` | Flag to enable or disable the linting process of the Terraform language for security related issues. |
| **VALIDATE_TSX** | `true` | Flag to enable or disable the linting process for tsx files (Utilizing: eslint) | | **VALIDATE_TSX** | `true` | Flag to enable or disable the linting process for tsx files (Utilizing: eslint) |
| **VALIDATE_TYPESCRIPT_ES** | `true` | Flag to enable or disable the linting process of the Typescript language. (Utilizing: eslint) | | **VALIDATE_TYPESCRIPT_ES** | `true` | Flag to enable or disable the linting process of the Typescript language. (Utilizing: eslint) |
| **VALIDATE_TYPESCRIPT_STANDARD** | `true` | Flag to enable or disable the linting process of the Typescript language. (Utilizing: standard) | | **VALIDATE_TYPESCRIPT_STANDARD** | `true` | Flag to enable or disable the linting process of the Typescript language. (Utilizing: standard) |

1
dependencies/Pipfile vendored
View file

@ -10,7 +10,6 @@ black = "*"
cfn-lint = "*" cfn-lint = "*"
flake8 = "*" flake8 = "*"
pylint = "*" pylint = "*"
terrascan = "*"
yamllint = "*" yamllint = "*"
yq = "*" yq = "*"

8
dependencies/Pipfile.lock generated vendored
View file

@ -307,14 +307,6 @@
], ],
"version": "==1.15.0" "version": "==1.15.0"
}, },
"terrascan": {
"hashes": [
"sha256:2003638e2e38feba9215df3add2ee99565731b86dbd5c43fd8982b1a4ddac927",
"sha256:b44d8c7eac96aa8094865061783ab0e8e849690b8187b75778caf5dd34002d18"
],
"index": "pypi",
"version": "==0.2.3"
},
"toml": { "toml": {
"hashes": [ "hashes": [
"sha256:926b612be1e5ce0634a2ca03470f95169cf16f939018233a670519cb4ac58b0f", "sha256:926b612be1e5ce0634a2ca03470f95169cf16f939018233a670519cb4ac58b0f",

2
lib/linter.sh
View file

@ -1869,7 +1869,7 @@ if [ "${VALIDATE_TERRAFORM_TERRASCAN}" == "true" ]; then
# Lint the Terraform files # # Lint the Terraform files #
############################ ############################
# LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY" # LintCodebase "FILE_TYPE" "LINTER_NAME" "LINTER_CMD" "FILE_TYPES_REGEX" "FILE_ARRAY"
LintCodebase "TERRAFORM_TERRASCAN" "terrascan" "terrascan -f " ".*\.\(tf\)\$" "${FILE_ARRAY_TERRAFORM_TERRASCAN[@]}" LintCodebase "TERRAFORM_TERRASCAN" "terrascan" "terrascan scan -p /root/.terrascan/pkg/policies/opa/rego/ -t aws -f " ".*\.\(tf\)\$" "${FILE_ARRAY_TERRAFORM_TERRASCAN[@]}"
fi fi
############### ###############

2
lib/worker.sh
View file

@ -651,7 +651,7 @@ function RunTestCases() {
TestCodebase "STATES" "asl-validator" "asl-validator --json-path" ".*\.\(json\)\$" "states" TestCodebase "STATES" "asl-validator" "asl-validator --json-path" ".*\.\(json\)\$" "states"
TestCodebase "SQL" "sql-lint" "sql-lint --config ${SQL_LINTER_RULES}" ".*\.\(sql\)\$" "sql" TestCodebase "SQL" "sql-lint" "sql-lint --config ${SQL_LINTER_RULES}" ".*\.\(sql\)\$" "sql"
TestCodebase "TERRAFORM" "tflint" "tflint -c ${TERRAFORM_LINTER_RULES}" ".*\.\(tf\)\$" "terraform" TestCodebase "TERRAFORM" "tflint" "tflint -c ${TERRAFORM_LINTER_RULES}" ".*\.\(tf\)\$" "terraform"
TestCodebase "TERRAFORM_TERRASCAN" "terrascan" "terrascan -f" ".*\.\(tf\)\$" "terraform_terrascan" TestCodebase "TERRAFORM_TERRASCAN" "terrascan" "terrascan scan -p /root/.terrascan/pkg/policies/opa/rego/ -t aws -f " ".*\.\(tf\)\$" "terraform_terrascan"
TestCodebase "TYPESCRIPT_ES" "eslint" "eslint --no-eslintrc -c ${TYPESCRIPT_LINTER_RULES}" ".*\.\(ts\)\$" "typescript" TestCodebase "TYPESCRIPT_ES" "eslint" "eslint --no-eslintrc -c ${TYPESCRIPT_LINTER_RULES}" ".*\.\(ts\)\$" "typescript"
TestCodebase "TYPESCRIPT_STANDARD" "standard" "standard --parser @typescript-eslint/parser --plugin @typescript-eslint/eslint-plugin ${TYPESCRIPT_STANDARD_LINTER_RULES}" ".*\.\(ts\)\$" "typescript" TestCodebase "TYPESCRIPT_STANDARD" "standard" "standard --parser @typescript-eslint/parser --plugin @typescript-eslint/eslint-plugin ${TYPESCRIPT_STANDARD_LINTER_RULES}" ".*\.\(ts\)\$" "typescript"
TestCodebase "XML" "xmllint" "xmllint" ".*\.\(xml\)\$" "xml" TestCodebase "XML" "xmllint" "xmllint" ".*\.\(xml\)\$" "xml"