github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/digitalocean/compute/adapt.go (about) 1 package compute 2 3 import ( 4 "github.com/khulnasoft-lab/defsec/pkg/providers/digitalocean/compute" 5 "github.com/khulnasoft-lab/defsec/pkg/terraform" 6 ) 7 8 func Adapt(modules terraform.Modules) compute.Compute { 9 return compute.Compute{ 10 Droplets: adaptDroplets(modules), 11 Firewalls: adaptFirewalls(modules), 12 LoadBalancers: adaptLoadBalancers(modules), 13 KubernetesClusters: adaptKubernetesClusters(modules), 14 } 15 } 16 17 func adaptDroplets(module terraform.Modules) []compute.Droplet { 18 var droplets []compute.Droplet 19 20 for _, module := range module { 21 for _, block := range module.GetResourcesByType("digitalocean_droplet") { 22 droplet := compute.Droplet{ 23 Metadata: block.GetMetadata(), 24 SSHKeys: nil, 25 } 26 sshKeys := block.GetAttribute("ssh_keys") 27 if sshKeys != nil { 28 droplet.SSHKeys = sshKeys.AsStringValues() 29 } 30 31 droplets = append(droplets, droplet) 32 } 33 } 34 return droplets 35 } 36 37 func adaptFirewalls(module terraform.Modules) []compute.Firewall { 38 var firewalls []compute.Firewall 39 40 for _, block := range module.GetResourcesByType("digitalocean_firewall") { 41 inboundRules := block.GetBlocks("inbound_rule") 42 outboundRules := block.GetBlocks("outbound_rule") 43 44 inboundFirewallRules := []compute.InboundFirewallRule{} 45 for _, inBoundRule := range inboundRules { 46 inboundFirewallRule := compute.InboundFirewallRule{ 47 Metadata: inBoundRule.GetMetadata(), 48 } 49 if ibSourceAddresses := inBoundRule.GetAttribute("source_addresses"); ibSourceAddresses != nil { 50 inboundFirewallRule.SourceAddresses = ibSourceAddresses.AsStringValues() 51 } 52 inboundFirewallRules = append(inboundFirewallRules, inboundFirewallRule) 53 } 54 55 outboundFirewallRules := []compute.OutboundFirewallRule{} 56 for _, outBoundRule := range outboundRules { 57 outboundFirewallRule := compute.OutboundFirewallRule{ 58 Metadata: outBoundRule.GetMetadata(), 59 } 60 if obDestinationAddresses := outBoundRule.GetAttribute("destination_addresses"); obDestinationAddresses != nil { 61 outboundFirewallRule.DestinationAddresses = obDestinationAddresses.AsStringValues() 62 } 63 outboundFirewallRules = append(outboundFirewallRules, outboundFirewallRule) 64 } 65 firewalls = append(firewalls, compute.Firewall{ 66 Metadata: block.GetMetadata(), 67 InboundRules: inboundFirewallRules, 68 OutboundRules: outboundFirewallRules, 69 }) 70 } 71 72 return firewalls 73 } 74 75 func adaptLoadBalancers(module terraform.Modules) (loadBalancers []compute.LoadBalancer) { 76 77 for _, block := range module.GetResourcesByType("digitalocean_loadbalancer") { 78 forwardingRules := block.GetBlocks("forwarding_rule") 79 var fRules []compute.ForwardingRule 80 81 for _, fRule := range forwardingRules { 82 rule := compute.ForwardingRule{ 83 Metadata: fRule.GetMetadata(), 84 EntryProtocol: fRule.GetAttribute("entry_protocol").AsStringValueOrDefault("", fRule), 85 } 86 fRules = append(fRules, rule) 87 } 88 loadBalancers = append(loadBalancers, compute.LoadBalancer{ 89 Metadata: block.GetMetadata(), 90 ForwardingRules: fRules, 91 }) 92 } 93 94 return loadBalancers 95 } 96 97 func adaptKubernetesClusters(module terraform.Modules) (kubernetesClusters []compute.KubernetesCluster) { 98 for _, block := range module.GetResourcesByType("digitalocean_kubernetes_cluster") { 99 kubernetesClusters = append(kubernetesClusters, compute.KubernetesCluster{ 100 Metadata: block.GetMetadata(), 101 AutoUpgrade: block.GetAttribute("auto_upgrade").AsBoolValueOrDefault(false, block), 102 SurgeUpgrade: block.GetAttribute("surge_upgrade").AsBoolValueOrDefault(false, block), 103 }) 104 } 105 return kubernetesClusters 106 }