github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/internal/adapters/terraform/github/secrets/adapt.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/internal/adapters/terraform/github/secrets/adapt.go (about)

     1  package secrets
     2  
     3  import (
     4  	"github.com/aquasecurity/defsec/pkg/providers/github"
     5  	"github.com/aquasecurity/defsec/pkg/terraform"
     6  )
     7  
     8  func Adapt(modules terraform.Modules) []github.EnvironmentSecret {
     9  	return adaptSecrets(modules)
    10  }
    11  
    12  func adaptSecrets(modules terraform.Modules) []github.EnvironmentSecret {
    13  	var secrets []github.EnvironmentSecret
    14  	for _, module := range modules {
    15  		for _, resource := range module.GetResourcesByType("github_actions_environment_secret") {
    16  			secrets = append(secrets, adaptSecret(resource))
    17  		}
    18  	}
    19  	return secrets
    20  }
    21  
    22  func adaptSecret(resource *terraform.Block) github.EnvironmentSecret {
    23  	secret := github.EnvironmentSecret{
    24  		Metadata:       resource.GetMetadata(),
    25  		Repository:     resource.GetAttribute("repository").AsStringValueOrDefault("", resource),
    26  		Environment:    resource.GetAttribute("environment").AsStringValueOrDefault("", resource),
    27  		SecretName:     resource.GetAttribute("secret_name").AsStringValueOrDefault("", resource),
    28  		PlainTextValue: resource.GetAttribute("plaintext_value").AsStringValueOrDefault("", resource),
    29  		EncryptedValue: resource.GetAttribute("encrypted_value").AsStringValueOrDefault("", resource),
    30  	}
    31  	return secret
    32  }