github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/analyzer/config/azurearm/azurearm.go

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/analyzer/config/azurearm/azurearm.go (about)

     1  package azurearm
     2  
     3  import (
     4  	"os"
     5  	"path/filepath"
     6  
     7  	"github.com/devseccon/trivy/pkg/fanal/analyzer"
     8  	"github.com/devseccon/trivy/pkg/fanal/analyzer/config"
     9  	"github.com/devseccon/trivy/pkg/misconf"
    10  )
    11  
    12  const (
    13  	version      = 1
    14  	analyzerType = analyzer.TypeAzureARM
    15  )
    16  
    17  func init() {
    18  	analyzer.RegisterPostAnalyzer(analyzerType, newAzureARMConfigAnalyzer)
    19  }
    20  
    21  // azureARMConfigAnalyzer is an analyzer for detecting misconfigurations in Azure ARM templates.
    22  // It embeds config.Analyzer so it can implement analyzer.PostAnalyzer.
    23  type azureARMConfigAnalyzer struct {
    24  	*config.Analyzer
    25  }
    26  
    27  func newAzureARMConfigAnalyzer(opts analyzer.AnalyzerOptions) (analyzer.PostAnalyzer, error) {
    28  	a, err := config.NewAnalyzer(analyzerType, version, misconf.NewAzureARMScanner, opts)
    29  	if err != nil {
    30  		return nil, err
    31  	}
    32  	return &azureARMConfigAnalyzer{Analyzer: a}, nil
    33  }
    34  
    35  // Required overrides config.Analyzer.Required() and check if the given file is JSON.
    36  func (a *azureARMConfigAnalyzer) Required(filePath string, _ os.FileInfo) bool {
    37  	return filepath.Ext(filePath) == ".json"
    38  }