From 0f383950deaf87a81aa8f247d148c5be9b961943 Mon Sep 17 00:00:00 2001
From: nenad_petrovic <nenad.petrovic@xlab.si>
Date: Sat, 10 Sep 2022 14:56:04 +0200
Subject: [PATCH] Fixed ansible compatibility issues

---
 src/iac_scan_runner/compatibility.py   | 16 +++++++-----
 src/iac_scan_runner/results_summary.py | 36 ++++++++++++++------------
 src/iac_scan_runner/scan_runner.py     |  8 +++---
 3 files changed, 34 insertions(+), 26 deletions(-)

diff --git a/src/iac_scan_runner/compatibility.py b/src/iac_scan_runner/compatibility.py
index d918b8b..2874468 100644
--- a/src/iac_scan_runner/compatibility.py
+++ b/src/iac_scan_runner/compatibility.py
@@ -5,10 +5,10 @@ class Compatibility:
     # TODO: This matrix should be revised and extended, it is just a proof of concept here as for now
     compatibility_matrix = {
         "terraform": ["tfsec", "tflint", "terrascan", "git-leaks", "git-secrets"],
-        "yaml": ["git-leaks", "yamllint", "git-secrets"],
+        "yaml": ["git-leaks", "yamllint", "git-secrets", "ansible-lint", "steampunk-scanner"],
         "shell": ["shellcheck", "git-leaks", "git-secrets"],
         "python": ["pylint", "bandit", "pyup-safety"],
-        "ansible": ["ansible-lint", "steampunk-scanner"],
+        #"ansible": ["ansible-lint", "steampunk-scanner"],
         "java": ["checkstyle"],
         "js": ["es-lint", "ts-lint"],
         "html": ["htmlhint"],
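Review bot: The commented-out `#"ansible": [...]` line under the "python" entry is dead code and leaves the reason for the move unstated. Delete it and put a comment on the "yaml" entry instead, for example `# Ansible content is detected by its .yaml/.yml extension, so its linters are listed under "yaml"`. With this mapping any YAML file makes `ansible-lint` and `steampunk-scanner` compatible, including YAML that is not Ansible; that may be intended but should be stated. The dictionary continues past the end of the hunk.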
@@ -54,9 +54,15 @@ class Compatibility:
         try:
             for root, folders, names in os.walk(iac_directory):
                 for f in names:
-                   if (f.find(".tf") or f.find(".tftpl")) > -1:
+                   print(f)
+                   if (f.find(".tf") > -1) or (f.find(".tftpl") > -1):
                         types.append("terraform")
                         scanned_terraform.append(f)
+
+                   elif (f.find(".yaml") > -1) or (f.find(".yml") > -1):
+                        print(f)
+                        types.append("yaml")
+                        scanned_yaml.append(f)
                     
                    elif f.find(".sh") > -1:
                         types.append("shell")
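Review bot: The rewritten tests still match the extension anywhere in the name, so `f.find(".tf") > -1` is true for a constructed name like `vars.tf.yml`, which is then classed as terraform and never reaches the new YAML branch or its scanners. The `.tftpl` test is also redundant, because `.tf` is a substring of it. Matching on the suffix avoids both: `if f.endswith((".tf", ".tftpl")):` and `elif f.endswith((".yaml", ".yml")):`. The added `print(f)` calls here, and the `print` calls added in results_summary.py and scan_runner.py, look like leftover debugging that writes scanned file names and check lists to stdout; drop them or route them through a module logger at debug level. The enclosing method starts and ends outside the hunk.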
@@ -66,10 +72,6 @@ class Compatibility:
                         types.append("python")
                         scanned_py.append(f)
 
-                   elif (f.find(".yaml") or f.find(".yml")) > -1:
-                        types.append("yaml")
-                        scanned_yaml.append(f)
-
                    elif f.find(".java") > -1:
                         types.append("java")
                         scanned_java.append(f)
diff --git a/src/iac_scan_runner/results_summary.py b/src/iac_scan_runner/results_summary.py
index de058eb..ebf9f1e 100644
--- a/src/iac_scan_runner/results_summary.py
+++ b/src/iac_scan_runner/results_summary.py
@@ -40,6 +40,7 @@ class ResultsSummary:
         file_list = ""
         for t in compatibility_matrix:
             if check in compatibility_matrix[t]:
+                print(compatibility_matrix[t])
                 file_list = str(scanned_files[t])
 
         self.outcomes[check]["files"] = file_list
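Review bot: `file_list` is reassigned on every type whose list contains `check`, so a check listed under several types ends up showing only the last matching type's files. In the matrix visible in compatibility.py, `git-leaks` and `git-secrets` sit under terraform, yaml and shell, so the summary for those secret scanners would under-report what was scanned (assuming this is the same matrix). Collecting all matches fixes it: `matched = [str(scanned_files[t]) for t in compatibility_matrix if check in compatibility_matrix[t]]` followed by `file_list = ", ".join(matched)`. The method begins outside the hunk.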
@@ -55,7 +56,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems"
 
-        if check == "git-leaks":
+        elif check == "git-leaks":
             if outcome.find("No leaks found") > -1:
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -63,7 +64,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems"
 
-        if check == "tflint":
+        elif check == "tflint":
             if outcome == "":
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -71,7 +72,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems"
 
-        if check == "htmlhint":
+        elif check == "htmlhint":
             if outcome.find("no errors")>-1:
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -79,7 +80,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems"
 
-        if check == "checkstyle":
+        elif check == "checkstyle":
             if outcome == "":
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -87,7 +88,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems"                
 
-        if check == "es-lint":
+        elif check == "es-lint":
             if outcome.find("wrong")>-1:
                 self.outcomes[check]["status"] = "Problems"
                 return "Passed"
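Review bot: The `es-lint` branch stores one status and returns the other. When the output contains "wrong" it sets `self.outcomes[check]["status"] = "Problems"` but returns `"Passed"`, and its else branch at the top of the next hunk does the reverse. The `ts-lint` branch in the following two hunks has the same inversion. Any caller that relies on the return value would treat a failing lint as passed, so return the string that was stored: `return "Problems"` in the "wrong" branch and `return "Passed"` in the else. The method begins outside the hunk.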
@@ -95,7 +96,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Passed"
                 return "Problems"      
 
-        if check == "ts-lint":
+        elif check == "ts-lint":
             if outcome.find("wrong")>-1:
                 self.outcomes[check]["status"] = "Problems"
                 return "Passed"
@@ -103,7 +104,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Passed"
                 return "Problems"  
 
-        if check == "pylint":
+        elif check == "pylint":
             if outcome.find("no problems")>-1:
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -111,7 +112,7 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems" 
 
-        if check == "hadolint":
+        elif check == "hadolint":
             if outcome=="":
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
@@ -119,20 +120,23 @@ class ResultsSummary:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems" 
 
-        if check == "terrascan":
+        elif check == "terrascan":
             if outcome=="":
                 self.outcomes[check]["status"] = "Passed"
                 return "Passed"
             else:
                 self.outcomes[check]["status"] = "Problems"
                 return "Problems" 
-                
-        if check == "other":
-            self.outcomes[check]["status"] = "No scan performed"
-            return "No scan"
-        else:
-            self.outcomes[check]["status"] = "Not fully supported yet"
-            return "Not fully supported yet"
+
+        elif check == "ansible-lint":
+            if outcome=="":
+                self.outcomes[check]["status"] = "Passed"
+                return "Passed"
+            else:
+                self.outcomes[check]["status"] = "Problems"
+                return "Problems" 
+        self.outcomes[check]["status"] = "Not fully supported yet"
+        return "Not fully supported yet"
 
     def summarize_no_files(self, check: str):
         """
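Review bot: The new `ansible-lint` branch reports "Passed" whenever `outcome` is an empty string, so a clean run is indistinguishable from a run that produced no output because the tool was missing or failed to start. The `terrascan` branch above it has the same fail-open shape. If the check's return code is available to this method (not visible here), base the status on it and keep empty output from an unrun tool out of the "Passed" bucket. Also, `steampunk-scanner` was added to the yaml list in compatibility.py but has no branch here, so it falls through to "Not fully supported yet". Removing the `other` branch changes that result from "No scan" to the same fallback, which should be confirmed as intended.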
diff --git a/src/iac_scan_runner/scan_runner.py b/src/iac_scan_runner/scan_runner.py
index 2e55508..c89109c 100644
--- a/src/iac_scan_runner/scan_runner.py
+++ b/src/iac_scan_runner/scan_runner.py
@@ -146,13 +146,15 @@ class ScanRunner:
 
         compatible_checks = self.compatibility_matrix.get_all_compatible_checks(self.iac_dir)
         non_compatible_checks = []
-                
         scan_output = {}
-
-        if selected_checks and selected_checks!="":
+        
+        if selected_checks:
             for selected_check in selected_checks:
                 check = self.iac_checks[selected_check]
+                print(selected_check)
                 if check.enabled:
+                    print("enabled")
+                    print(compatible_checks)
                     if selected_check in compatible_checks:
                         check_output = check.run(self.iac_dir)
                         scan_output[selected_check] = check_output.to_dict()                        
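Review bot: `self.iac_checks[selected_check]` is indexed with the selected name before any validation, so an unknown check name raises `KeyError` at the top of the loop instead of being reported as an unsupported check. If `selected_checks` comes from the API request (not visible in this hunk), look the name up with `check = self.iac_checks.get(selected_check)` and reject a `None` result with a clear error before reading `check.enabled`. The loop and the rest of the method continue outside the hunk.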
-- 
GitLab