diff --git a/pkg/cli/run_test.go b/pkg/cli/run_test.go index 956577d79..fdcfdfde0 100644 --- a/pkg/cli/run_test.go +++ b/pkg/cli/run_test.go @@ -65,6 +65,7 @@ func TestRun(t *testing.T) { kustomizeTestDirPath := filepath.Join(runTestDir, "kustomize-test") testTerraformFilePath := filepath.Join(runTestDir, "config-only.tf") testRemoteModuleFilePath := filepath.Join(runTestDir, "remote-modules.tf") + testTFJSONFilePath := filepath.Join(runTestDir, "tf-plan.json") ruleSlice := []string{"AWS.ECR.DataSecurity.High.0579", "AWS.SecurityGroup.NetworkPortsSecurity.Low.0561"} @@ -128,6 +129,18 @@ func TestRun(t *testing.T) { outputType: "yaml", }, }, + { + // test for https://github.com/accurics/terrascan/issues/718 + // a valid tfplan file is supplied, error is not expected + name: "iac type is tfplan and -f option used to specify the tfplan.json", + scanOptions: &ScanOptions{ + policyType: []string{"all"}, + iacType: "tfplan", + iacFilePath: testTFJSONFilePath, + outputType: "yaml", + }, + wantErr: false, + }, { name: "config-only flag k8s", scanOptions: &ScanOptions{ diff --git a/pkg/cli/testdata/run-test/tf-plan.json b/pkg/cli/testdata/run-test/tf-plan.json new file mode 100644 index 000000000..85aec2b63 --- /dev/null +++ b/pkg/cli/testdata/run-test/tf-plan.json @@ -0,0 +1 @@ +{"format_version":"0.1","terraform_version":"0.13.5","variables":{"s3_bucket_prefix":{"value":"sample_prefix_test20"}},"planned_values":{"root_module":{"resources":[{"address":"aws_s3_bucket.demo-example","mode":"managed","type":"aws_s3_bucket","name":"demo-example","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acl":"private","bucket":"demoexample-1","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":null,"versioning":[{"enabled":false,"mfa_delete":false}],"website":[]}},{"address":"aws_s3_bucket.demo-s3","mode":"managed","type":"aws_s3_bucket","name":"demo-s3","provider_name":"registry.terraform.io/hashicorp/aws","schema_version":0,"values":{"acl":"private","bucket":"sample_prefix_test20-terraformcloud","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":null,"versioning":[{"enabled":false,"mfa_delete":false}],"website":[]}}]}},"resource_changes":[{"address":"aws_s3_bucket.demo-example","mode":"managed","type":"aws_s3_bucket","name":"demo-example","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["create"],"before":null,"after":{"acl":"private","bucket":"demoexample-1","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":null,"versioning":[{"enabled":false,"mfa_delete":false}],"website":[]},"after_unknown":{"acceleration_status":true,"arn":true,"bucket_domain_name":true,"bucket_regional_domain_name":true,"cors_rule":[],"grant":[],"hosted_zone_id":true,"id":true,"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"region":true,"replication_configuration":[],"request_payer":true,"server_side_encryption_configuration":[],"versioning":[{}],"website":[],"website_domain":true,"website_endpoint":true}}},{"address":"aws_s3_bucket.demo-s3","mode":"managed","type":"aws_s3_bucket","name":"demo-s3","provider_name":"registry.terraform.io/hashicorp/aws","change":{"actions":["create"],"before":null,"after":{"acl":"private","bucket":"sample_prefix_test20-terraformcloud","bucket_prefix":null,"cors_rule":[],"force_destroy":false,"grant":[],"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"policy":null,"replication_configuration":[],"server_side_encryption_configuration":[],"tags":null,"versioning":[{"enabled":false,"mfa_delete":false}],"website":[]},"after_unknown":{"acceleration_status":true,"arn":true,"bucket_domain_name":true,"bucket_regional_domain_name":true,"cors_rule":[],"grant":[],"hosted_zone_id":true,"id":true,"lifecycle_rule":[],"logging":[],"object_lock_configuration":[],"region":true,"replication_configuration":[],"request_payer":true,"server_side_encryption_configuration":[],"versioning":[{}],"website":[],"website_domain":true,"website_endpoint":true}}}],"configuration":{"provider_config":{"aws":{"name":"aws","expressions":{"region":{"constant_value":"us-east-1"}}}},"root_module":{"resources":[{"address":"aws_s3_bucket.demo-example","mode":"managed","type":"aws_s3_bucket","name":"demo-example","provider_config_key":"aws","expressions":{"bucket":{"constant_value":"demoexample-1"},"versioning":[{"enabled":{"constant_value":false},"mfa_delete":{"constant_value":false}}]},"schema_version":0},{"address":"aws_s3_bucket.demo-s3","mode":"managed","type":"aws_s3_bucket","name":"demo-s3","provider_config_key":"aws","expressions":{"bucket":{"references":["var.s3_bucket_prefix"]},"versioning":[{"enabled":{"constant_value":false},"mfa_delete":{"constant_value":false}}]},"schema_version":0}],"variables":{"s3_bucket_prefix":{"default":"sample_prefix_test20"}}}}} \ No newline at end of file diff --git a/pkg/runtime/validate.go b/pkg/runtime/validate.go index 72e1bc63e..af7a117e3 100644 --- a/pkg/runtime/validate.go +++ b/pkg/runtime/validate.go @@ -71,6 +71,9 @@ func (e *Executor) ValidateInputs() error { return errNotValidFile } + // the default value of dirPath is '.', make it empty + e.dirPath = "" + zap.S().Debugf("file '%s' exists", e.filePath) } else { // if directory, check if directory exists