From 2801e5d391d3deb8c6d89181842334fc5ab1a3a8 Mon Sep 17 00:00:00 2001
From: yaaraverner
Date: Mon, 2 Oct 2023 11:46:05 +0300
Subject: [PATCH 1/4] convert subgraph path to None if not exist
---
 checkov/common/bridgecrew/wrapper.py | 2 +-
 checkov/terraform/runner.py | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/checkov/common/bridgecrew/wrapper.py b/checkov/common/bridgecrew/wrapper.py
index 196769b90cf..c2e402ddfea 100644
--- a/checkov/common/bridgecrew/wrapper.py
+++ b/checkov/common/bridgecrew/wrapper.py
@@ -173,7 +173,7 @@ def _upload_graph(check_type: str, graph: LibraryGraph, _absolute_root_folder: s
 else:
 logging.error(f"unsupported graph type '{graph.__class__.__name__}'")
 return
- multi_graph_addition = (f"multi-graph/{subgraph_path}" if subgraph_path is not None else '').rstrip("/")
+ multi_graph_addition = (f"multi-graph/{subgraph_path}" if subgraph_path else '').rstrip("/")
 s3_key = os.path.join(graphs_repo_object_key, check_type, multi_graph_addition, graph_file_name)
 try:
 _put_json_object(s3_client, json_obj, bucket, s3_key)
diff --git a/checkov/terraform/runner.py b/checkov/terraform/runner.py
index ae3cebb0660..f28721615d9 100644
--- a/checkov/terraform/runner.py
+++ b/checkov/terraform/runner.py
@@ -3,7 +3,7 @@
 import dataclasses
 import logging
 import os
-from typing import Any, TYPE_CHECKING
+from typing import Any, TYPE_CHECKING, Optional
 from typing_extensions import TypeAlias # noqa[TC002]
@@ -56,7 +56,7 @@ def __init__(
 graph_manager: TerraformGraphManager | None = None,
 ) -> None:
 super().__init__(parser, db_connector, external_registries, source, graph_class, graph_manager)
- self.all_graphs: list[tuple[LibraryGraph, str]] = []
+ self.all_graphs: list[tuple[LibraryGraph, Optional[str]]] = []
 def run(
 self,
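Review bot: The new annotation on `self.all_graphs` in the `@@ -56,7` hunk spells the nullable string as `Optional[str]`, while the signature just above it already uses the `X | None` form (`graph_manager: TerraformGraphManager | None = None`). Writing it as `list[tuple[LibraryGraph, str | None]]` would keep one spelling per file and, assuming runner.py postpones annotation evaluation as that existing signature suggests, would make the `Optional` import added in the `@@ -3,7` hunk unnecessary. The same applies to the `_update_definitions_and_breadcrumbs` parameter in the `@@ -190,7` hunk and to the `local_graphs` annotation added in patch 4/4. `__init__` starts above this hunk and `run` continues below it.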
@@ -108,7 +108,7 @@ def run(
 create_graph=CHECKOV_CREATE_GRAPH,
 )
 # Make graph a list to allow single processing method for all cases
- local_graphs = [('', single_graph)]
+ local_graphs = [(None, single_graph)]
 elif files:
 files = [os.path.abspath(file) for file in files]
 root_folder = os.path.split(os.path.commonprefix(files))[0]
@@ -121,7 +121,7 @@ def run(
 )
 else:
 # local_graph needs to be a list to allow supporting multi graph
- local_graphs = [('', self.graph_manager.build_graph_from_definitions(self.definitions))]
+ local_graphs = [(None, self.graph_manager.build_graph_from_definitions(self.definitions))]
 else:
 raise Exception("Root directory was not specified, files were not specified")
@@ -190,7 +190,7 @@ def parse_file(file: str) -> tuple[str, dict[str, Any] | None, dict[str, Excepti
 parsing_errors.update(file_parsing_errors)
 def _update_definitions_and_breadcrumbs(
- self, local_graphs: list[tuple[str, TerraformLocalGraph]], report: Report, root_folder: str
+ self, local_graphs: list[tuple[Optional[str], TerraformLocalGraph]], report: Report, root_folder: str
 ) -> None:
 self.definitions = {}
 self.breadcrumbs = {}
From 933637a348a08f81a611fda51c9baf02d004a8f8 Mon Sep 17 00:00:00 2001
From: yaaraverner
Date: Mon, 2 Oct 2023 11:50:11 +0300
Subject: [PATCH 2/4] revert changes in wrapper
---
 checkov/common/bridgecrew/wrapper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/checkov/common/bridgecrew/wrapper.py b/checkov/common/bridgecrew/wrapper.py
index c2e402ddfea..196769b90cf 100644
--- a/checkov/common/bridgecrew/wrapper.py
+++ b/checkov/common/bridgecrew/wrapper.py
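Review bot: Neither `local_graphs = [(None, ...)]` assignment in the `@@ -108,7` and `@@ -121,7` hunks of runner.py says what `None` in the first tuple slot means; the existing comments only explain why a list is used. A one-line comment such as `# None = no subgraph path: single graph, uploaded without a multi-graph/ key segment` would tie the sentinel to the `subgraph_path is not None` branch in `_upload_graph` that shapes the S3 object key. Any other consumer that formats or joins that tuple element as a string now receives `None` instead of `''`. Those call sites are outside the hunks, so this is worth confirming. `run` starts and ends outside both hunks.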
@@ -173,7 +173,7 @@ def _upload_graph(check_type: str, graph: LibraryGraph, _absolute_root_folder: s
 else:
 logging.error(f"unsupported graph type '{graph.__class__.__name__}'")
 return
- multi_graph_addition = (f"multi-graph/{subgraph_path}" if subgraph_path else '').rstrip("/")
+ multi_graph_addition = (f"multi-graph/{subgraph_path}" if subgraph_path is not None else '').rstrip("/")
 s3_key = os.path.join(graphs_repo_object_key, check_type, multi_graph_addition, graph_file_name)
 try:
 _put_json_object(s3_client, json_obj, bucket, s3_key)
From d5a5b2b50c63dc8a618e04bace24b80060a8d3cb Mon Sep 17 00:00:00 2001
From: yaaraverner
Date: Mon, 2 Oct 2023 11:53:19 +0300
Subject: [PATCH 3/4] fix mypy
---
 checkov/terraform/graph_manager.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/checkov/terraform/graph_manager.py b/checkov/terraform/graph_manager.py
index 708529c402f..c49e9691a55 100644
--- a/checkov/terraform/graph_manager.py
+++ b/checkov/terraform/graph_manager.py
@@ -1,7 +1,7 @@
 from __future__ import annotations
 import logging
-from typing import Type, Any, TYPE_CHECKING, overload
+from typing import Type, Any, TYPE_CHECKING, overload, Optional
 from checkov.common.util.consts import DEFAULT_EXTERNAL_MODULES_DIR
 from checkov.terraform.graph_builder.local_graph import TerraformLocalGraph
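Review bot: With the `is not None` test restored in the `_upload_graph` hunk of wrapper.py, an empty-string `subgraph_path` and `None` build different S3 keys: `''` gives `"multi-graph/"`, which `rstrip("/")` reduces to a bare `multi-graph` segment, while `None` adds no segment. Patch 1/4 moves the single-graph callers in runner.py from `''` to `None`, so this distinction now matters and deserves a comment on the line, e.g. `# None: single graph, no prefix; any str (even '') is placed under multi-graph/`. `subgraph_path` is also interpolated into the object key as-is, so whether a leading `/` or `..` segments can reach the key depends on callers not shown here. The function body starts and ends outside the hunk.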
@@ -113,11 +113,11 @@ def build_graph_from_definitions(
 return local_graph
 def build_multi_graph_from_definitions(self, definitions: dict[TFDefinitionKey, dict[str, Any]],
- render_variables: bool = True) -> list[tuple[str, TerraformLocalGraph]]:
+ render_variables: bool = True) -> list[tuple[Optional[str], TerraformLocalGraph]]:
 module, tf_definitions = self.parser.parse_hcl_module_from_tf_definitions(definitions, "", self.source)
 dirs_to_definitions = self.parser.create_definition_by_dirs(tf_definitions)
- graphs: list[tuple[str, TerraformLocalGraph]] = []
+ graphs: list[tuple[Optional[str], TerraformLocalGraph]] = []
 for source_path, dir_definitions in dirs_to_definitions.items():
 module, parsed_tf_definitions = self.parser.parse_hcl_module_from_multi_tf_definitions(dir_definitions, source_path, self.source)
 local_graph = TerraformLocalGraph(module)
From 6cea7b19551c4afc6c6bc612257fae49d270e6ef Mon Sep 17 00:00:00 2001
From: yaaraverner
Date: Mon, 2 Oct 2023 12:01:44 +0300
Subject: [PATCH 4/4] fix mypy
---
 checkov/terraform/graph_manager.py | 6 +++---
 checkov/terraform/runner.py | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/checkov/terraform/graph_manager.py b/checkov/terraform/graph_manager.py
index c49e9691a55..708529c402f 100644
--- a/checkov/terraform/graph_manager.py
+++ b/checkov/terraform/graph_manager.py
@@ -1,7 +1,7 @@
 from __future__ import annotations
 import logging
-from typing import Type, Any, TYPE_CHECKING, overload, Optional
+from typing import Type, Any, TYPE_CHECKING, overload
 from checkov.common.util.consts import DEFAULT_EXTERNAL_MODULES_DIR
 from checkov.terraform.graph_builder.local_graph import TerraformLocalGraph
@@ -113,11 +113,11 @@ def build_graph_from_definitions(
 return local_graph
 def build_multi_graph_from_definitions(self, definitions: dict[TFDefinitionKey, dict[str, Any]],
- render_variables: bool = True) -> list[tuple[Optional[str], TerraformLocalGraph]]:
+ render_variables: bool = True) -> list[tuple[str, TerraformLocalGraph]]:
 module, tf_definitions = self.parser.parse_hcl_module_from_tf_definitions(definitions, "", self.source)
 dirs_to_definitions = self.parser.create_definition_by_dirs(tf_definitions)
- graphs: list[tuple[Optional[str], TerraformLocalGraph]] = []
+ graphs: list[tuple[str, TerraformLocalGraph]] = []
 for source_path, dir_definitions in dirs_to_definitions.items():
 module, parsed_tf_definitions = self.parser.parse_hcl_module_from_multi_tf_definitions(dir_definitions, source_path, self.source)
 local_graph = TerraformLocalGraph(module)
diff --git a/checkov/terraform/runner.py b/checkov/terraform/runner.py
index f28721615d9..81763cba964 100644
--- a/checkov/terraform/runner.py
+++ b/checkov/terraform/runner.py
@@ -73,7 +73,7 @@ def run(
 report = Report(self.check_type)
 parsing_errors: dict[str, Exception] = {}
 self.load_external_checks(external_checks_dir)
- local_graphs = None
+ local_graphs: Optional[list[tuple[Optional[str], Optional[TerraformLocalGraph]]]] = None
 if self.context is None or self.definitions is None or self.breadcrumbs is None:
 self.definitions = {}
 logging.info("Scanning root folder and producing fresh tf_definitions and context")
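Review bot: The annotation added to `local_graphs` in the `@@ -73,7` hunk of runner.py admits `None` as the graph element (`Optional[TerraformLocalGraph]`), yet patch 1/4 declares `_update_definitions_and_breadcrumbs` to take `list[tuple[Optional[str], TerraformLocalGraph]]`. If a `None` graph can really end up in that list, the code consuming it needs an explicit guard before use. If it cannot, the narrower `local_graphs: Optional[list[tuple[Optional[str], TerraformLocalGraph]]] = None` states the actual contract and avoids hiding a missing-graph case behind the type. `run` starts and ends outside the hunk, and the place where `local_graphs` is passed on is not visible here.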