github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/github/secrets/adapt.go

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/github/secrets/adapt.go (about)

     1  package secrets
     2  
     3  import (
     4  	"github.com/khulnasoft-lab/defsec/pkg/providers/github"
     5  	"github.com/khulnasoft-lab/defsec/pkg/terraform"
     6  )
     7  
     8  func Adapt(modules terraform.Modules) []github.EnvironmentSecret {
     9  	return adaptSecrets(modules)
    10  }
    11  
    12  func adaptSecrets(modules terraform.Modules) []github.EnvironmentSecret {
    13  	var secrets []github.EnvironmentSecret
    14  	for _, module := range modules {
    15  		for _, resource := range module.GetResourcesByType("github_actions_environment_secret") {
    16  			secrets = append(secrets, adaptSecret(resource))
    17  		}
    18  	}
    19  	return secrets
    20  }
    21  
    22  func adaptSecret(resource *terraform.Block) github.EnvironmentSecret {
    23  	secret := github.EnvironmentSecret{
    24  		Metadata:       resource.GetMetadata(),
    25  		Repository:     resource.GetAttribute("repository").AsStringValueOrDefault("", resource),
    26  		Environment:    resource.GetAttribute("environment").AsStringValueOrDefault("", resource),
    27  		SecretName:     resource.GetAttribute("secret_name").AsStringValueOrDefault("", resource),
    28  		PlainTextValue: resource.GetAttribute("plaintext_value").AsStringValueOrDefault("", resource),
    29  		EncryptedValue: resource.GetAttribute("encrypted_value").AsStringValueOrDefault("", resource),
    30  	}
    31  	return secret
    32  }