Skip to content

Commit

Permalink
fix(terraform): ensure consistent path handling across OS (aquasecuri…
Browse files Browse the repository at this point in the history
  • Loading branch information
nikpivkin authored Feb 21, 2024
1 parent 8221473 commit 327cf88
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 14 deletions.
16 changes: 8 additions & 8 deletions pkg/iac/scanners/terraform/parser/load_module.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import (
"errors"
"fmt"
"io/fs"
"path/filepath"
"path"
"strings"

"github.com/zclconf/go-cty/cty"
Expand Down Expand Up @@ -112,7 +112,7 @@ func (e *evaluator) loadModuleFromTerraformCache(ctx context.Context, b *terrafo
name := b.ModuleName()
for _, module := range e.moduleMetadata.Modules {
if module.Key == name {
modulePath = filepath.Clean(filepath.Join(e.projectRootPath, module.Dir))
modulePath = path.Clean(path.Join(e.projectRootPath, module.Dir))
break
}
}
Expand Down Expand Up @@ -162,19 +162,19 @@ func (e *evaluator) loadExternalModule(ctx context.Context, b *terraform.Block,
SkipCache: e.skipCachedModules,
}

filesystem, prefix, path, err := resolveModule(ctx, e.filesystem, opt)
filesystem, prefix, downloadPath, err := resolveModule(ctx, e.filesystem, opt)
if err != nil {
return nil, err
}
prefix = filepath.Join(e.parentParser.moduleSource, prefix)
e.debug.Log("Module '%s' resolved to path '%s' in filesystem '%s' with prefix '%s'", b.FullName(), path, filesystem, prefix)
moduleParser := e.parentParser.newModuleParser(filesystem, prefix, path, b.Label(), b)
if err := moduleParser.ParseFS(ctx, path); err != nil {
prefix = path.Join(e.parentParser.moduleSource, prefix)
e.debug.Log("Module '%s' resolved to path '%s' in filesystem '%s' with prefix '%s'", b.FullName(), downloadPath, filesystem, prefix)
moduleParser := e.parentParser.newModuleParser(filesystem, prefix, downloadPath, b.Label(), b)
if err := moduleParser.ParseFS(ctx, downloadPath); err != nil {
return nil, err
}
return &ModuleDefinition{
Name: b.Label(),
Path: path,
Path: downloadPath,
Definition: b,
Parser: moduleParser,
FileSystem: filesystem,
Expand Down
7 changes: 4 additions & 3 deletions pkg/iac/scanners/terraform/parser/parser.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"io"
"io/fs"
"os"
"path"
"path/filepath"
"sort"
"strings"
Expand Down Expand Up @@ -164,7 +165,7 @@ func (p *Parser) ParseFile(_ context.Context, fullPath string) error {
return err
}
p.metrics.Timings.DiskIODuration += time.Since(diskStart)
if dir := filepath.Dir(fullPath); p.projectRoot == "" {
if dir := path.Dir(fullPath); p.projectRoot == "" {
p.debug.Log("Setting project/module root to '%s'", dir)
p.projectRoot = dir
p.modulePath = dir
Expand Down Expand Up @@ -195,7 +196,7 @@ func (p *Parser) ParseFile(_ context.Context, fullPath string) error {
// ParseFS parses a root module, where it exists at the root of the provided filesystem
func (p *Parser) ParseFS(ctx context.Context, dir string) error {

dir = filepath.Clean(dir)
dir = path.Clean(dir)

if p.projectRoot == "" {
p.debug.Log("Setting project/module root to '%s'", dir)
Expand All @@ -212,7 +213,7 @@ func (p *Parser) ParseFS(ctx context.Context, dir string) error {

var paths []string
for _, info := range fileInfos {
realPath := filepath.Join(dir, info.Name())
realPath := path.Join(dir, info.Name())
if info.Type()&os.ModeSymlink != 0 {
extra, ok := p.moduleFS.(extrafs.FS)
if !ok {
Expand Down
5 changes: 3 additions & 2 deletions pkg/iac/scanners/terraform/parser/resolvers/local.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package resolvers
import (
"context"
"io/fs"
"path"
"path/filepath"
)

Expand All @@ -14,13 +15,13 @@ func (r *localResolver) Resolve(_ context.Context, target fs.FS, opt Options) (f
if !opt.hasPrefix(".", "..") {
return nil, "", "", false, nil
}
joined := filepath.Clean(filepath.Join(opt.ModulePath, opt.Source))
joined := path.Clean(path.Join(opt.ModulePath, opt.Source))
if _, err := fs.Stat(target, filepath.ToSlash(joined)); err == nil {
opt.Debug("Module '%s' resolved locally to %s", opt.Name, joined)
return target, "", joined, true, nil
}

clean := filepath.Clean(opt.Source)
clean := path.Clean(opt.Source)
opt.Debug("Module '%s' resolved locally to %s", opt.Name, clean)
return target, "", clean, true, nil
}
3 changes: 2 additions & 1 deletion pkg/iac/scanners/terraform/scanner.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"io"
"io/fs"
"path"
"path/filepath"
"sort"
"strings"
Expand Down Expand Up @@ -334,7 +335,7 @@ func (s *Scanner) findRootModules(target fs.FS, scanDir string, dirs ...string)
continue
}
for _, file := range files {
realPath := filepath.Join(dir, file.Name())
realPath := path.Join(dir, file.Name())
if symFS, ok := target.(extrafs.ReadLinkFS); ok {
realPath, err = symFS.ResolveSymlink(realPath, scanDir)
if err != nil {
Expand Down

0 comments on commit 327cf88

Please sign in to comment.