test

src/cloudformation/structure/cloudformation_parser.go

@@ -29,6 +29,7 @@ import (
 type CloudformationParser struct {
 	*types.YamlParser
 	*types.JSONParser
+	skippedByCommentList []string
 }
 
 const TagsAttributeName = "Tags"
@@ -61,6 +62,10 @@ func (p *CloudformationParser) GetSupportedFileExtensions() []string {
 	return []string{common.YamlFileType.Extension, common.YmlFileType.Extension, common.CFTFileType.Extension, common.JSONFileType.Extension}
 }
 
+func (p *CloudformationParser) GetSkipResourcesByComment() []string {
+	return p.skippedByCommentList
+}
+
 // ValidFile Validate file has AWSTemplateFormatVersion
 func (p *CloudformationParser) ValidFile(filePath string) bool {
 	// #nosec G304
@@ -113,6 +118,7 @@ func goformationParse(file string) (*cloudformation.Template, error) {
 }
 
 func (p *CloudformationParser) ParseFile(filePath string) ([]structure.IBlock, error) {
+	skipResourcesByComment := make([]string, 0)
 	goformationLock.Lock()
 	template, err := goformationParse(filePath)
 	goformationLock.Unlock()
@@ -138,7 +144,8 @@ func (p *CloudformationParser) ParseFile(filePath string) ([]structure.IBlock, e
 		var resourceNamesToLines map[string]*structure.Lines
 		switch utils.GetFileFormat(filePath) {
 		case common.YmlFileType.FileFormat, common.YamlFileType.FileFormat:
-			resourceNamesToLines = yaml.MapResourcesLineYAML(filePath, resourceNames, ResourcesStartToken)
+			resourceNamesToLines, skipResourcesByComment = yaml.MapResourcesLineYAML(filePath, resourceNames, ResourcesStartToken)
+			p.skippedByCommentList = append(p.skippedByCommentList, skipResourcesByComment...)
 		case common.JSONFileType.FileFormat:
 			var fileBracketsMapping map[int]json.BracketPair
 			resourceNamesToLines, fileBracketsMapping = json.MapResourcesLineJSON(filePath, resourceNames)

src/cloudformation/structure/cloudformation_parser_test.go

@@ -19,7 +19,7 @@
 		directory := "../../../tests/cloudformation/resources/ebs"
 		cfnParser := CloudformationParser{}
 		cfnParser.Init(directory, nil)
-		cfnBlocks, err := cfnParser.ParseFile(directory + "/ebs.yaml")
+		cfnBlocks, _, err := cfnParser.ParseFile(directory + "/ebs.yaml")
 		if err != nil {
 			t.Errorf("ParseFile() error = %v", err)
 			return
@@ -42,7 +42,7 @@
 		directory := "../../../tests/cloudformation/resources/ebs"
 		cfnParser := CloudformationParser{}
 		cfnParser.Init(directory, nil)
-		cfnBlocks, err := cfnParser.ParseFile(directory + "/ebs.json")
+		cfnBlocks, _, err := cfnParser.ParseFile(directory + "/ebs.json")
 		if err != nil {
 			t.Errorf("ParseFile() error = %v", err)
 			return
@@ -66,7 +66,7 @@
 		cfnParser := CloudformationParser{}
 		cfnParser.Init(directory, nil)
 		sourceFile := directory + "/base.template"
-		cfnBlocks, _ := cfnParser.ParseFile(sourceFile)
+		cfnBlocks, _, _ := cfnParser.ParseFile(sourceFile)
 
 		rawFileLines, _ := cfnParser.FileToResourcesLines.Load(sourceFile)
 		resourceLines := rawFileLines.(structure.Lines)
@@ -81,15 +81,15 @@
 		cfnParser := CloudformationParser{}
 		cfnParser.Init(directory, nil)
 		sourceFile := directory + "/cfn.yaml"
-		cfnBlocks, _ := cfnParser.ParseFile(sourceFile)
+		cfnBlocks, _, _ := cfnParser.ParseFile(sourceFile)
 		assert.Equal(t, 3, len(cfnBlocks))
 	})
 
 	t.Run("parse Policy_PolicyTag", func(t *testing.T) {
 		directory := "../../../tests/cloudformation/resources/special_tags"
 		cfnParser := CloudformationParser{}
 		cfnParser.Init(directory, nil)
-		cfnBlocks, err := cfnParser.ParseFile(directory + "/cfn.yaml")
+		cfnBlocks, err, _ := cfnParser.ParseFile(directory + "/cfn.yaml")
 		if err != nil {
 			t.Errorf("ParseFile() error = %v", err)
 			return
@@ -123,7 +123,7 @@
 		expected := map[string]*structure.Lines{
 			"NewVolume": {Start: 3, End: 15},
 		}
 		actual := yaml.MapResourcesLineYAML(filePath, resourcesNames, ResourcesStartToken)
 		compareLines(t, expected, actual)
 	})
 
@@ -136,7 +136,7 @@
 			"EC2LaunchTemplateResource0": {Start: 18, End: 23},
 			"EC2LaunchTemplateResource1": {Start: 24, End: 34},
 		}
 		actual := yaml.MapResourcesLineYAML(filePath, resourcesNames, ResourcesStartToken)
 		compareLines(t, expected, actual)
 	})
 
@@ -169,7 +169,7 @@
 	tagGroup.SetTags(extraTags)
 	tagGroup.InitTagGroup("", []string{}, []string{})
 	writeFilePath := directory + "/" + testFileName + "_tagged." + fileType
-	cfnBlocks, err := cfnParser.ParseFile(readFilePath)
+	cfnBlocks, _, err := cfnParser.ParseFile(readFilePath)
 	for _, block := range cfnBlocks {
 		err := tagGroup.CreateTagsForBlock(block)
 		if err != nil {

src/common/parser.go

@@ -10,5 +10,6 @@ type IParser interface {
 	WriteFile(readFilePath string, blocks []structure.IBlock, writeFilePath string) error
 	GetSkippedDirs() []string
 	GetSupportedFileExtensions() []string
+	GetSkipResourcesByComment() []string
 	Close()
 }

src/common/runner/runner.go

@@ -160,12 +160,17 @@ func (r *Runner) isSkippedResourceType(resourceType string) bool {
 	return false
 }
 
-func (r *Runner) isSkippedResource(resource string) bool {
+func (r *Runner) isSkippedResource(resource string, skipResourcesByComment []string) bool {
 	for _, skippedResource := range r.skippedResources {
 		if resource == skippedResource {
 			return true
 		}
 	}
+	for _, skippedResource := range skipResourcesByComment {
+		if resource == skippedResource {
+			return true
+		}
+	}
 	return false
 }
 
@@ -186,7 +191,8 @@ func (r *Runner) TagFile(file string) {
 			if r.isSkippedResourceType(block.GetResourceType()) {
 				continue
 			}
-			if r.isSkippedResource(block.GetResourceID()) {
+			skipResourcesByComment := parser.GetSkipResourcesByComment()
+			if r.isSkippedResource(block.GetResourceID(), skipResourcesByComment) {
 				continue
 			}
 			if block.IsBlockTaggable() {

src/common/yaml/yaml_writer.go

@@ -266,8 +266,9 @@ func FindTagsLinesYAML(textLines []string, tagsAttributeName string) (structure.
 	return tagsLines, tagsExist
 }
 
-func MapResourcesLineYAML(filePath string, resourceNames []string, resourcesStartToken string) map[string]*structure.Lines {
+func MapResourcesLineYAML(filePath string, resourceNames []string, resourcesStartToken string) (map[string]*structure.Lines, []string) {
 	resourceToLines := make(map[string]*structure.Lines)
+	skipResourcesByComment := make([]string, 0)
 	for _, resourceName := range resourceNames {
 		// initialize a map between resource name and its lines in file
 		resourceToLines[resourceName] = &structure.Lines{Start: -1, End: -1}
@@ -276,7 +277,7 @@ func MapResourcesLineYAML(filePath string, resourceNames []string, resourcesStar
 	file, err := os.ReadFile(filePath)
 	if err != nil {
 		logger.Warning(fmt.Sprintf("failed to read file %s", filePath))
-		return nil
+		return nil, skipResourcesByComment
 	}
 
 	readResources := false
@@ -287,12 +288,21 @@ func MapResourcesLineYAML(filePath string, resourceNames []string, resourcesStar
 	for i, line := range fileLines {
 		cleanContent := strings.TrimSpace(line)
 		if strings.HasPrefix(cleanContent, resourcesStartToken+":") {
+			if strings.ToUpper(strings.TrimSpace(fileLines[i-1])) == "#YOR:SKIPALL" {
+				skipResourcesByComment = append(skipResourcesByComment, resourceNames...)
+			}
 			readResources = true
 			resourcesIndent = countLeadingSpaces(line)
 			continue
 		}
 
 		if readResources {
+			if i > 0 {
+				if strings.ToUpper(strings.TrimSpace(fileLines[i-1])) == "#YOR:SKIP" {
+					skipResourcesByComment = append(skipResourcesByComment, strings.Trim(strings.TrimSpace(line), ":"))
+
+				}
+			}
 			lineIndent := countLeadingSpaces(line)
 			if lineIndent <= resourcesIndent && strings.TrimSpace(line) != "" && !strings.Contains(line, "#") {
 				// No longer inside resources block, get the last line of the previous resource if exists
@@ -325,7 +335,7 @@ func MapResourcesLineYAML(filePath string, resourceNames []string, resourcesStar
 		// Handle last line of resource is last line of file
 		resourceToLines[latestResourceName].End = findLastNonEmptyLine(fileLines, len(fileLines)-1)
 	}
-	return resourceToLines
+	return resourceToLines, skipResourcesByComment
 }
 
 func countLeadingSpaces(line string) int {

src/serverless/structure/serverless_parser.go

@@ -24,7 +24,8 @@ const FunctionsSectionName = "functions"
 const FunctionType = "function"
 
 type ServerlessParser struct {
-	YamlParser types.YamlParser
+	YamlParser           types.YamlParser
+	skippedByCommentList []string
 }
 
 var slsParseLock sync.Mutex
@@ -71,7 +72,12 @@ func (p *ServerlessParser) ValidFile(file string) bool {
 	return true
 }
 
+func (p *ServerlessParser) GetSkipResourcesByComment() []string {
+	return p.skippedByCommentList
+}
+
 func (p *ServerlessParser) ParseFile(filePath string) ([]structure.IBlock, error) {
+	skipResourcesByComment := make([]string, 0)
 	parsedBlocks := make([]structure.IBlock, 0)
 	fileFormat := utils.GetFileFormat(filePath)
 	fileName := filepath.Base(filePath)
@@ -101,7 +107,8 @@ func (p *ServerlessParser) ParseFile(filePath string) ([]structure.IBlock, error
 	}
 	switch utils.GetFileFormat(filePath) {
 	case common.YmlFileType.FileFormat, common.YamlFileType.FileFormat:
-		resourceNamesToLines = yamlUtils.MapResourcesLineYAML(filePath, resourceNames, FunctionsSectionName)
+		resourceNamesToLines, skipResourcesByComment = yamlUtils.MapResourcesLineYAML(filePath, resourceNames, FunctionsSectionName)
+		p.skippedByCommentList = append(p.skippedByCommentList, skipResourcesByComment...)
 	default:
 		return nil, fmt.Errorf("unsupported file type %s", utils.GetFileFormat(filePath))
 	}

src/terraform/structure/terraform_parser.go

@@ -48,6 +48,7 @@ type TerraformParser struct {
 	moduleInstallDir       string
 	downloadedPaths        []string
 	tfClientLock           sync.Mutex
+	skippedByCommentList   []string
 }
 
 func (p *TerraformParser) Name() string {
@@ -121,6 +122,10 @@ func (p *TerraformParser) GetSourceFiles(directory string) ([]string, error) {
 	return files, nil
 }
 
+func (p *TerraformParser) GetSkipResourcesByComment() []string {
+	return p.skippedByCommentList
+}
+
 func (p *TerraformParser) ValidFile(_ string) bool {
 	return true
 }
@@ -132,6 +137,7 @@ func (p *TerraformParser) ParseFile(filePath string) ([]structure.IBlock, error)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read file %s because %s", filePath, err)
 	}
+	lines := strings.Split(string(src), "\n")
 
 	// parse the file into hclwrite.File and hclsyntax.File to allow getting existing tags and lines
 	hclFile, diagnostics := hclwrite.ParseConfig(src, filePath, hcl.InitialPos)
@@ -151,6 +157,7 @@ func (p *TerraformParser) ParseFile(filePath string) ([]structure.IBlock, error)
 
 	syntaxBlocks := hclSyntaxFile.Body.(*hclsyntax.Body).Blocks
 
+	skipAll := false
 	rawBlocks := hclFile.Body().Blocks()
 	parsedBlocks := make([]structure.IBlock, 0)
 	for i, block := range rawBlocks {
@@ -174,6 +181,17 @@ func (p *TerraformParser) ParseFile(filePath string) ([]structure.IBlock, error)
 		}
 		terraformBlock.Init(filePath, block)
 		terraformBlock.AddHclSyntaxBlock(syntaxBlocks[i])
+		line := terraformBlock.GetLines().Start
+		if line > 1 && line <= len(lines) {
+			lineAbove := lines[line-2]
+			if strings.ToUpper(strings.TrimSpace(lineAbove)) == "#YOR:SKIPALL" {
+				skipAll = true
+			}
+
+			if strings.ToUpper(strings.TrimSpace(lineAbove)) == "#YOR:SKIP" || skipAll {
+				p.skippedByCommentList = append(p.skippedByCommentList, terraformBlock.GetResourceID())
+			}
+		}
 		parsedBlocks = append(parsedBlocks, terraformBlock)
 	}
 

tests/integration/integration_test.go

@@ -256,6 +256,35 @@ func TestRunResults(t *testing.T) {
 	})
 }
 
+func TestSkipResourcesByComment(t *testing.T) {
+	t.Run("Test tagging terraform and cloudFormation files and skip resource by comment", func(t *testing.T) {
+		yorRunner := runner.Runner{}
+		err := yorRunner.Init(&clioptions.TagOptions{
+			Directory: "./skipComment",
+			TagGroups: getTagGroups(),
+			Parsers:   []string{"Terraform", "CloudFormation"},
+		})
+		tfFileBytes, _ := os.ReadFile("./skipComment/skipResource.tf")
+		yamlFileBytes, _ := os.ReadFile("./skipComment/skipResource.yaml")
+		defer func() {
+			_ = os.WriteFile("./skipComment/skipResource.tf", tfFileBytes, 0644)
+			_ = os.WriteFile("./skipComment/skipResource.yaml", yamlFileBytes, 0644)
+		}()
+		failIfErr(t, err)
+		reportService, err := yorRunner.TagDirectory()
+		failIfErr(t, err)
+
+		reportService.CreateReport()
+		report := reportService.GetReport()
+
+		newTags := report.NewResourceTags
+		for _, newTag := range newTags {
+			assert.NotEqual(t, "aws_vpc.example_vpc", newTag.ResourceID)
+			assert.NotEqual(t, "NewVolume1", newTag.ResourceID)
+		}
+	})
+}
+
 func TestTagUncommittedResults(t *testing.T) {
 	t.Run("Test tagging twice no result second time", func(t *testing.T) {
 		terragoatPath := utils.CloneRepo(utils.TerragoatURL, "063dc2db3bb036160ed39d3705508ee8293a27c8")

tests/integration/skipComment/skipResource.tf

@@ -0,0 +1,24 @@
+#yor:skip
+resource "aws_vpc" "example_vpc" {
+  cidr_block = "10.0.0.0/16"
+  tags = {
+  }
+}
+
+resource "aws_subnet" "example_subnet" {
+  vpc_id            = aws_vpc.example_vpc.id
+  cidr_block        = "10.0.1.0/24"
+  availability_zone = "us-west-1a"
+  tags = {
+    yor_name  = "example_subnet"
+    yor_trace = "74091a97-d11a-4500-a0c3-af942a0d8e00"
+  }
+}
+
+resource "aws_instance" "example_instance" {
+  ami           = "ami-0c55b159cbfafe1f0"
+  instance_type = "t2.micro"
+  subnet_id     = aws_subnet.example_subnet.id
+  tags = {
+  }
+}

tests/integration/skipComment/skipResource.yaml

@@ -0,0 +1,25 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Sample EBS Volume with EC2 instance template
+Resources:
+  NewVolume:
+    Type: AWS::EC2::Volume
+    Properties:
+      Size: 100
+      Encrypted: true
+      #Encrypted: false
+      AvailabilityZone: us-west-2a
+      Tags:
+        - Key: yor_trace
+          Value: d5e1032c-34e9-428d-8b17-4dff36d05e68
+        - Key: yor_name
+          Value: NewVolume
+  #yor:skip
+  NewVolume1:
+    Type: AWS::EC2::Volume
+    Properties:
+      Size: 100
+      Encrypted: true
+      #Encrypted: false
+      AvailabilityZone: us-west-2a
+      Tags:
+    DeletionPolicy: Snapshot