MCPcopy
hub / github.com/aquasecurity/tfsec / evalMatchSpec

Function evalMatchSpec

internal/pkg/custom/processing.go:285–331  ·  view source on GitHub ↗
(b *terraform.Block, spec *MatchSpec, customCtx *customContext)

Source from the content-addressed store, hash-verified

283}
284
285func evalMatchSpec(b *terraform.Block, spec *MatchSpec, customCtx *customContext) bool {
286 if b.IsNil() {
287 return false
288 }
289 var evalResult bool
290
291 for _, preCondition := range spec.PreConditions {
292 clone := preCondition
293 if !evalMatchSpec(b, &clone, customCtx) {
294 // precondition not met
295 return true
296 }
297 }
298
299 var matchFunctionsDirect = map[CheckAction]func(*terraform.Block, *MatchSpec, *customContext) bool{
300 InModule: func(b *terraform.Block, spec *MatchSpec, customCtx *customContext) bool {
301 return b.InModule()
302 },
303 HasTag: checkTags,
304 OfType: func(b *terraform.Block, spec *MatchSpec, customCtx *customContext) bool {
305 return ofType(b, spec)
306 },
307 Not: notifyPredicate,
308 And: processAndPredicate,
309 Or: processOrPredicate,
310 }
311
312 if matchFunction, ok := matchFunctionsDirect[spec.Action]; ok {
313 return matchFunction(b, spec, customCtx)
314 } else {
315 evalResult = matchFunctions[spec.Action](b, spec, customCtx)
316 }
317
318 if len(spec.AssignVariable) > 0 {
319 customCtx.variables[spec.AssignVariable] = b.GetAttribute(spec.Name).AsStringValueOrDefault("", b).Value()
320 }
321
322 if spec.SubMatch != nil && evalResult {
323 evalResult = processSubMatches(b, spec, customCtx)
324 }
325
326 if spec.SubMatchOne != nil && evalResult {
327 evalResult = processSubMatchOnes(b, spec, customCtx)
328 }
329
330 return evalResult
331}
332
333func evalMatchSpecAttr(a *terraform.Attribute, spec *MatchSpec, customCtx *customContext) bool {
334 for _, preCondition := range spec.PreConditions {

Callers 15

TestOrMatchFunctionFunction · 0.85
TestAndMatchFunctionFunction · 0.85
TestNestedMatchFunctionFunction · 0.85
TestNotFunctionFunction · 0.85
TestPreConditionFunction · 0.85
TestAssignVariableFunction · 0.85
TestRegexMatchesFunction · 0.85
TestAttributeSubMatchesFunction · 0.85
TestSubMatchOnesFunction · 0.85
ProcessFoundChecksFunction · 0.85
notifyPredicateFunction · 0.85
processOrPredicateFunction · 0.85

Calls 4

ofTypeFunction · 0.85
processSubMatchesFunction · 0.85
processSubMatchOnesFunction · 0.85
ValueMethod · 0.65

Tested by 9

TestOrMatchFunctionFunction · 0.68
TestAndMatchFunctionFunction · 0.68
TestNestedMatchFunctionFunction · 0.68
TestNotFunctionFunction · 0.68
TestPreConditionFunction · 0.68
TestAssignVariableFunction · 0.68
TestRegexMatchesFunction · 0.68
TestAttributeSubMatchesFunction · 0.68
TestSubMatchOnesFunction · 0.68