From d06f456b8421645b7aa01b483a5375a13200da88 Mon Sep 17 00:00:00 2001
From: anzoman <aluzarwork@gmail.com>
Date: Fri, 8 Apr 2022 15:24:48 +0200
Subject: [PATCH] Use xOpera TOSCA parser for TOSCA validation
---
 install-checks.sh | 4 ++--
 .../checks/{opera.py => opera_tosca_parser.py} | 7 ++++---
 src/iac_scan_runner/scan_runner.py | 6 +++---
 src/iac_scan_runner/vars.py | 2 +-
 4 files changed, 10 insertions(+), 9 deletions(-)
 rename src/iac_scan_runner/checks/{opera.py => opera_tosca_parser.py} (53%)
diff --git a/install-checks.sh b/install-checks.sh
index 3ca1dce..7df30da 100755
--- a/install-checks.sh
+++ b/install-checks.sh
@@ -9,7 +9,7 @@ export TMP_DIR="${TOOLS_DIR}/tmp"
 export NODE_MODULES_DIR="${ROOT_DIR}/node_modules"
 export CONFIG_DIR="${ROOT_DIR}/config"
 # env vars for check executables
-export OPERA_CHECK_PATH="${VIRTUALENV_DIR}/bin/opera/"
+export OPERA_TOSCA_PARSER_CHECK_PATH="${VIRTUALENV_DIR}/bin/opera-tosca-parser/"
 export ANSIBLE_LINT_CHECK_PATH="${VIRTUALENV_DIR}/bin/ansible-lint/"
 export TFLINT_CHECK_PATH="${TOOLS_DIR}/tflint"
 export TFSEC_CHECK_PATH="${TOOLS_DIR}/tfsec"
@@ -96,7 +96,7 @@ installRequiredNpmModulesIfNot() {
 }
 installPythonModules() {
- pip install opera==0.6.8 pylint==2.12.2 gixy==0.1.20 ansible-lint==5.4.0 yamllint==1.26.3 bandit==1.7.2 safety==1.10.3
+ pip install opera-tosca-parser==0.1.0 pylint==2.12.2 gixy==0.1.20 ansible-lint==5.4.0 yamllint==1.26.3 bandit==1.7.2 safety==1.10.3
 }
 installGitLeaksIfNot() {
diff --git a/src/iac_scan_runner/checks/opera.py b/src/iac_scan_runner/checks/opera_tosca_parser.py
similarity index 53%
rename from src/iac_scan_runner/checks/opera.py
rename to src/iac_scan_runner/checks/opera_tosca_parser.py
index fc8bcd8..c5a0972 100644
--- a/src/iac_scan_runner/checks/opera.py
+++ b/src/iac_scan_runner/checks/opera_tosca_parser.py
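Review bot: In install-checks.sh the new `OPERA_TOSCA_PARSER_CHECK_PATH` export ends in a slash (`.../bin/opera-tosca-parser/`), while the default in vars.py has none and `OperaToscaParserCheck.run` interpolates the value straight into `f'{env.OPERA_TOSCA_PARSER_CHECK_PATH} parse .'`. If this export ever reaches the Python process, the command becomes `.../bin/opera-tosca-parser/ parse .`, and a path with a trailing slash would normally not resolve to an executable file, so the TOSCA check would error out instead of scanning. The neighbouring `ANSIBLE_LINT_CHECK_PATH` line has the same shape, so this looks inherited rather than new; I would still drop the slash here: `export OPERA_TOSCA_PARSER_CHECK_PATH="${VIRTUALENV_DIR}/bin/opera-tosca-parser"`.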
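Review bot: The `pip install` line in `installPythonModules` pins `opera-tosca-parser==0.1.0` by version only, so the downloaded artifact and whatever transitive dependencies it pulls in are accepted without an integrity check. Since these tools are installed into the scanner's own virtualenv and then run against submitted IaC, I would move the pins into a requirements file carrying `--hash=sha256:<digest>` entries and install with `pip install --require-hashes -r <requirements-file>`. The version-only style predates this commit (the other pins on the line use it too), so this can be a follow-up, but swapping in a 0.1.0 release of a different package is a natural point to do it.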
@@ -5,9 +5,10 @@ from iac_scan_runner.check_target_entity_type import CheckTargetEntityType
 from iac_scan_runner.utils import run_command
-class OperaToscaCheck(Check):
+class OperaToscaParserCheck(Check):
 def __init__(self):
- super().__init__("opera", "A TOSCA orchestrator that can validate TOSCA CSARs", CheckTargetEntityType.iac)
+ super().__init__("opera-tosca-parser", "xOpera TOSCA parser can validate TOSCA YAML templates and CSARs",
+ CheckTargetEntityType.iac)
 def run(self, directory: str) -> CheckOutput:
- return run_command(f'{env.OPERA_CHECK_PATH} validate .', directory)
+ return run_command(f'{env.OPERA_TOSCA_PARSER_CHECK_PATH} parse .', directory)
diff --git a/src/iac_scan_runner/scan_runner.py b/src/iac_scan_runner/scan_runner.py
index f6358cb..d0e31e9 100644
--- a/src/iac_scan_runner/scan_runner.py
+++ b/src/iac_scan_runner/scan_runner.py
@@ -15,7 +15,7 @@ from iac_scan_runner.checks.gixy import GixyCheck
 from iac_scan_runner.checks.hadolint import HadolintCheck
 from iac_scan_runner.checks.htmlhint import HtmlHintCheck
 from iac_scan_runner.checks.markdown_lint import MarkdownLintCheck
-from iac_scan_runner.checks.opera import OperaToscaCheck
+from iac_scan_runner.checks.opera_tosca_parser import OperaToscaParserCheck
 from iac_scan_runner.checks.pylint import PylintCheck
 from iac_scan_runner.checks.pyup_safety import PyUpSafetyCheck
 from iac_scan_runner.checks.shellcheck import ShellCheck
@@ -40,7 +40,7 @@ class ScanRunner:
 def init_checks(self):
 """Initiate predefined check objects"""
- xopera = OperaToscaCheck()
+ opera_tosca_parser = OperaToscaParserCheck()
 ansible_lint = AnsibleLintCheck()
 tflint = TFLintCheck()
 tfsec = TfsecCheck()
@@ -65,7 +65,7 @@ class ScanRunner:
 sonar_scanner = SonarScannerCheck()
 self.iac_checks = {
- xopera.name: xopera,
+ opera_tosca_parser.name: opera_tosca_parser,
 ansible_lint.name: ansible_lint,
 tflint.name: tflint,
 tfsec.name: tfsec,
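Review bot: The check's registered name changes from `"opera"` to `"opera-tosca-parser"` in `OperaToscaParserCheck.__init__`, and scan_runner.py keys `self.iac_checks` by that name, so anything that still selects or enables the check as `opera` will no longer match. How names are looked up is outside these hunks; if an unknown name is ignored instead of rejected, TOSCA validation could drop out of a scan without any error. I would either keep accepting the old name as an alias or make sure an unknown check name fails loudly. The renamed class also has no docstring; something like `"""Run 'opera-tosca-parser parse .' in the scanned directory."""` would document what the check executes.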
diff --git a/src/iac_scan_runner/vars.py b/src/iac_scan_runner/vars.py
index 60a8f46..c364f4d 100644
--- a/src/iac_scan_runner/vars.py
+++ b/src/iac_scan_runner/vars.py
@@ -9,7 +9,7 @@ NODE_MODULES_DIR = os.getenv("NODE_MODULES_DIR", f'{ROOT_DIR}/node_modules')
 TMP_DIR = os.getenv("TMP_DIR", f'{TOOLS_DIR}/tmp')
 # vars for paths to check executables
-OPERA_CHECK_PATH = os.getenv("OPERA_CHECK_PATH", f'{VIRTUALENV_DIR}/bin/opera')
+OPERA_TOSCA_PARSER_CHECK_PATH = os.getenv("OPERA_TOSCA_PARSER_CHECK_PATH", f'{VIRTUALENV_DIR}/bin/opera-tosca-parser')
 ANSIBLE_LINT_CHECK_PATH = os.getenv("ANSIBLE_LINT_CHECK_PATH", f'{VIRTUALENV_DIR}/bin/ansible-lint')
 TFLINT_CHECK_PATH = os.getenv("TFLINT_CHECK_PATH", f'{TOOLS_DIR}/tflint')
 TFSEC_CHECK_PATH = os.getenv("TFSEC_CHECK_PATH", f'{TOOLS_DIR}/tfsec')
-- GitLab