Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • pub/terrareg
Show changes
Commits on Source (14)
# Changelog
## [2.80.1](https://gitlab.dockstudios.co.uk/pub/terrareg/compare/v2.80.0...v2.80.1) (2023-09-27)
### Bug Fixes
* Handle tfsec issues found in root of repo, where path contains the base path ([fbad20b](https://gitlab.dockstudios.co.uk/pub/terrareg/commit/fbad20b2ca239c20433f01b6af54b8e13be3e480))
* Update tfsec to 1.28.4 as it was outputting erroneous RDS IAM checks for empty terraform ([161c4f9](https://gitlab.dockstudios.co.uk/pub/terrareg/commit/161c4f9ba960a8529d3d026cb54fc0dd8d784b61))
# [2.80.0](https://gitlab.dockstudios.co.uk/pub/terrareg/compare/v2.79.0...v2.80.0) (2023-09-27)
......
......@@ -22,7 +22,7 @@ RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
else \
arch=amd64; \
fi; \
wget https://github.com/aquasecurity/tfsec/releases/download/v1.26.0/tfsec-linux-${arch} -O /usr/local/bin/tfsec && \
wget https://github.com/aquasecurity/tfsec/releases/download/v1.28.4/tfsec-linux-${arch} -O /usr/local/bin/tfsec && \
chmod +x /usr/local/bin/tfsec'
# Download infracost
......@@ -32,7 +32,7 @@ RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
else \
arch=amd64; \
fi; \
wget https://github.com/infracost/infracost/releases/download/v0.10.10/infracost-linux-${arch}.tar.gz -O /tmp/infracost.tar.gz && \
wget https://github.com/infracost/infracost/releases/download/v0.10.22/infracost-linux-${arch}.tar.gz -O /tmp/infracost.tar.gz && \
tar -zxvf /tmp/infracost.tar.gz infracost-linux-${arch} && \
mv infracost-linux-${arch} /usr/local/bin/infracost && \
chmod +x /usr/local/bin/infracost && \
......
......@@ -25,7 +25,7 @@ RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
else \
arch=amd64; \
fi; \
wget https://github.com/aquasecurity/tfsec/releases/download/v1.26.0/tfsec-linux-${arch} -O /usr/local/bin/tfsec && \
wget https://github.com/aquasecurity/tfsec/releases/download/v1.28.4/tfsec-linux-${arch} -O /usr/local/bin/tfsec && \
chmod +x /usr/local/bin/tfsec'
# Download infracost
......@@ -35,7 +35,7 @@ RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
else \
arch=amd64; \
fi; \
wget https://github.com/infracost/infracost/releases/download/v0.10.10/infracost-linux-${arch}.tar.gz -O /tmp/infracost.tar.gz && \
wget https://github.com/infracost/infracost/releases/download/v0.10.22/infracost-linux-${arch}.tar.gz -O /tmp/infracost.tar.gz && \
tar -zxvf /tmp/infracost.tar.gz infracost-linux-${arch} && \
mv infracost-linux-${arch} /usr/local/bin/infracost && \
chmod +x /usr/local/bin/infracost && \
......@@ -44,19 +44,6 @@ RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
# Download tfswitch
RUN bash -c 'curl -L https://raw.githubusercontent.com/warrensbox/terraform-switcher/release/install.sh | bash'
# Download terraform-graph-beautifier
RUN bash -c 'if [ "$(uname -m)" == "aarch64" ]; \
then \
arch=arm64; \
else \
arch=amd64; \
fi; \
wget https://github.com/pcasteran/terraform-graph-beautifier/releases/download/v0.3.1/terraform-graph-beautifier_0.3.1_linux_${arch}.tar.gz -O /tmp/terraform-graph-beautifier.tar.gz && \
tar -zxvf /tmp/terraform-graph-beautifier.tar.gz terraform-graph-beautifier && \
mv terraform-graph-beautifier /usr/local/bin/terraform-graph-beautifier && \
chmod +x /usr/local/bin/terraform-graph-beautifier && \
rm /tmp/terraform-graph-beautifier.tar.gz'
WORKDIR /app
COPY requirements.txt .
RUN pip install --proxy=$http_proxy -r requirements.txt
......
alembic==1.9.0
alembic==1.10.4
aniso8601==9.0.1
cffi==1.15.1
click==8.1.3
cryptography==38.0.4
cryptography==40.0.2
Flask==2.2.2
Flask-RESTful==0.3.9
greenlet==2.0.1
importlib-metadata==5.1.0
importlib-resources==5.10.1
greenlet==2.0.2
importlib-metadata==6.6.0
importlib-resources==5.12.0
itsdangerous==2.1.2
Jinja2==3.1.2
Mako==1.2.4
Markdown==3.4.1
markdown2==2.4.6
MarkupSafe==2.1.1
Markdown==3.4.3
markdown2==2.4.8
MarkupSafe==2.1.2
pycparser==2.21
pyOpenSSL==22.1.0
pyOpenSSL==23.1.1
python-magic==0.4.27
pytz==2022.6
pytz==2023.3
six==1.16.0
SQLAlchemy==1.4.45
Werkzeug==2.2.2
zipp==3.11.0
alembic==1.9.0
mysql-connector-python==8.0.29
beautifulsoup4==4.11.1
bleach==5.0.1
zipp==3.15.0
mysql-connector-python==8.0.33
beautifulsoup4==4.12.2
bleach==6.0.0
webencodings==0.5.1
oauthlib==3.2.2
requests==2.28.1
PyJWT==2.6.0
python3-saml==1.14.0
requests==2.30.0
PyJWT==2.7.0
python3-saml==1.15.0
mdx-truly-sane-lists==1.3
pygraphviz==1.10
networkx==2.8.8
networkx==3.1
pydot==1.4.2
sentry-sdk==1.14.0
sentry-sdk==1.22.2
urllib3==1.26.14
blinker==1.5
blinker==1.6.2
semantic-version==2.10.0
waitress==2.1.2
pyop==3.4.0
......@@ -160,7 +160,10 @@ class ModuleExtractor:
# Strip the extraction directory from all paths in results
if tfsec_results['results']:
for result in tfsec_results['results']:
result['location']['filename'] = result['location']['filename'].replace(self._extract_directory.name + '/', '')
result['location']['filename'] = result['location']['filename'].replace(self._extract_directory.name, '')
# Replace leading slash if it exists in filename
if result['location']['filename'].startswith('/'):
result['location']['filename'] = result['location']['filename'][1:]
return tfsec_results
......