Skip to content

Commit 3996b95

Browse files
eerkunteerkunt
authored
Merge pull request #152 from dylanhellems/search-resource-changes
Support parsing resource changes in plan
2 parents d15c8b9 + c24abf8 commit 3996b95

File tree

2 files changed

+74
-2
lines changed

2 files changed

+74
-2
lines changed

terraform_compliance/extensions/terraform.py

+15-2
Original file line numberDiff line numberDiff line change
@@ -76,8 +76,6 @@ def _parse_resources(self):
7676
:return: none
7777
'''
7878

79-
#TODO: Consider about using 'resource_changes' instead of 'resources'
80-
8179
# Resources ( exists in Plan )
8280
for findings in seek_key_in_dict(self.raw.get('planned_values', {}).get('root_module', {}), 'resources'):
8381
for resource in findings.get('resources', []):
@@ -110,6 +108,21 @@ def _parse_resources(self):
110108
else:
111109
self.resources[resource['address']] = resource
112110

111+
# Resource Changes ( exists in Plan )
112+
for finding in self.raw.get('resource_changes', {}):
113+
resource = deepcopy(finding)
114+
change = resource.get('change', {})
115+
actions = change.get('actions', [])
116+
if actions != ['delete']:
117+
resource['values'] = change.get('after', {})
118+
if 'change' in resource:
119+
del resource['change']
120+
121+
if resource['address'].startswith('data'):
122+
self.data[resource['address']] = resource
123+
else:
124+
self.resources[resource['address']] = resource
125+
113126
def _parse_configurations(self):
114127
'''
115128
Assigns all configuration related data defined in the terraform plan. This is mostly used for

tests/terraform_compliance/extensions/test_terraform.py

+59
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,65 @@ def test_parse_resources_child_resources_exists_in_the_state_resource(self, *arg
154154
obj._parse_resources()
155155
self.assertEqual(obj.resources['something'], {'address': 'something'})
156156

157+
@patch.object(TerraformParser, '_read_file', return_value={})
158+
def test_parse_resources_resources_exists_in_the_resource_changes_data(self, *args):
159+
obj = TerraformParser('somefile', parse_it=False)
160+
obj.raw['resource_changes'] = [
161+
{
162+
'address': 'data_something',
163+
'change': {
164+
'actions': ['update'],
165+
'before': {
166+
'key': 'foo'
167+
},
168+
'after': {
169+
'key': 'bar'
170+
}
171+
}
172+
}
173+
]
174+
obj._parse_resources()
175+
self.assertEqual(obj.data['data_something'], {'address': 'data_something', 'values': {'key': 'bar'}})
176+
177+
@patch.object(TerraformParser, '_read_file', return_value={})
178+
def test_parse_resources_resources_exists_in_the_resource_changes_resource(self, *args):
179+
obj = TerraformParser('somefile', parse_it=False)
180+
obj.raw['resource_changes'] = [
181+
{
182+
'address': 'something',
183+
'change': {
184+
'actions': ['update'],
185+
'before': {
186+
'key': 'foo'
187+
},
188+
'after': {
189+
'key': 'bar'
190+
}
191+
}
192+
}
193+
]
194+
obj._parse_resources()
195+
self.assertEqual(obj.resources['something'], {'address': 'something', 'values': {'key': 'bar'}})
196+
197+
@patch.object(TerraformParser, '_read_file', return_value={})
198+
def test_parse_resources_resources_exists_in_the_resource_changes_deleted(self, *args):
199+
obj = TerraformParser('somefile', parse_it=False)
200+
obj.raw['resource_changes'] = [
201+
{
202+
'address': 'something',
203+
'change': {
204+
'actions': ['delete'],
205+
'before': {
206+
'key': 'foo'
207+
},
208+
'after': {
209+
'key': 'bar'
210+
}
211+
}
212+
}
213+
]
214+
obj._parse_resources()
215+
self.assertEqual(obj.resources, {})
157216

158217
@patch.object(TerraformParser, '_read_file', return_value={})
159218
def test_parse_configurations_resources(self, *args):

0 commit comments

Comments
 (0)