-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathTerraform.qll
More file actions
111 lines (88 loc) · 2.92 KB
/
Terraform.qll
File metadata and controls
111 lines (88 loc) · 2.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
private import codeql.files.FileSystem
private import codeql.hcl.AST
private import codeql.iac.Dependencies
private import Resources
module Terraform {
/**
* A Terraform file.
*/
class TerraformFile extends File {
TerraformFile() { this.getBaseName().regexpMatch(".*.(tf|hcl)$") }
}
/**
* A Terraform settings block.
*/
class Terraform extends Block {
Terraform() { this.hasType("terraform") }
/**
* Get the required provider.
*/
RequiredProvider getRequiredProvider() {
result = this.getAttribute("required_providers").getAChild()
}
/**
* Get required version of Terraform.
*/
string getRequiredVersion() {
result = this.getAttribute("required_version").(StringLiteral).getValue()
}
}
abstract class RequiredProvider extends Expr {
/**
* Gets the name of the provider.
*/
abstract string getName();
/**
* Gets the version of the provider.
*/
abstract string getVersion();
/**
* Gets the semantic version of the provider.
*/
abstract SemanticVersion getSemanticVersion();
/**
* Gets the source of the provider.
*/
abstract string getSource();
}
RequiredProvider getProviderByName(string name) {
exists(RequiredProvider provider | provider.getName() = name | result = provider)
}
/**
* Basic Terraform required provider String.
*/
class BasicRequiredProvider extends RequiredProvider, StringLiteral {
private Terraform terraform;
BasicRequiredProvider() { this = terraform.getAttribute("required_providers").getAChild() }
override string toString() { result = "RequiredProvider " + this.getName() }
override string getName() { result = this.getParent().(Block).getAttributeName(this).getName() }
override string getVersion() { result = this.getValue() }
override SemanticVersion getSemanticVersion() { result = this.getValue() }
/**
* Basic providers are assumed to be from the Hashicorp namespace.
*/
override string getSource() { result = "hashicorp/" + this.getName() }
}
/**
* A Terraform required provider object.
*/
class ComplexRequiredProvider extends RequiredProvider, Object {
private Terraform terraform;
ComplexRequiredProvider() { this = terraform.getAttribute("required_providers").getAChild() }
override string toString() { result = "RequiredProvider " + this.getName() }
override string getName() { result = this.getParent().(Block).getAttributeName(this).getName() }
/**
* Gets the source of the provider.
*/
override string getSource() {
result = this.getElementByName("source").(StringLiteral).getValue()
}
/**
* Gets the version of the provider.
*/
override string getVersion() {
result = this.getElementByName("version").(StringLiteral).getValue()
}
override SemanticVersion getSemanticVersion() { result = this.getVersion() }
}
}