add support for checkov for linting terraform files (#4006)

* add support for checkov for terraform * add tests for checkov handler * add basic linter config tests for checkov * update supported tools and languages lists * simplify ale_linters#terraform#checkov#Handle * ensure "-o json --quiet" is always set for checkov * add documentation for checkov including config options * fix tests after changing handling of default options for checkov * add checkov to list of tools in doc/ale.txt
2025-12-10 06:21:53 +08:00 · 2021-12-11 12:51:26 +01:00
parent b9744076a1
commit 091592bfb0
7 changed files with 143 additions and 0 deletions
--- a/test/handler/test_checkov_handler.vader
+++ b/test/handler/test_checkov_handler.vader
@@ -0,0 +1,66 @@
+Before:
+  runtime ale_linters/terraform/checkov.vim
+  call ale#test#SetFilename('main.tf')
+
+After:
+  call ale#linter#Reset()
+
+Execute(The JSON output of checkov should be handled correctly):
+  AssertEqual
+  \ [
+  \   {
+  \         'filename': '/main.tf',
+  \         'lnum': 22,
+  \         'end_lnum': 27,
+  \         'text': 'Enable VPC Flow Logs and Intranode Visibility [CKV_GCP_61]',
+  \         'detail': "CKV_GCP_61: Enable VPC Flow Logs and Intranode Visibility\n" .
+  \                   'For more information, see: https://docs.bridgecrew.io/docs/enable-vpc-flow-logs-and-intranode-visibility',
+  \         'type': 'W',
+  \   }
+  \ ],
+  \ ale_linters#terraform#checkov#Handle(bufnr(''), [
+  \'{',
+  \'    "check_type": "terraform",',
+  \'    "results": {',
+  \'        "failed_checks": [',
+  \'            {',
+  \'                "check_id": "CKV_GCP_61",',
+  \'                "bc_check_id": "BC_GCP_KUBERNETES_18",',
+  \'                "check_name": "Enable VPC Flow Logs and Intranode Visibility",',
+  \'                "check_result": {',
+  \'                    "result": "FAILED",',
+  \'                    "evaluated_keys": [',
+  \'                        "enable_intranode_visibility"',
+  \'                    ]',
+  \'                },',
+  \'                "file_path": "/main.tf",',
+  \'                "repo_file_path": "/main.tf",',
+  \'                "file_line_range": [',
+  \'                    22,',
+  \'                    27',
+  \'                ],',
+  \'                "resource": "google_container_cluster.cluster-name",',
+  \'                "evaluations": null,',
+  \'                "check_class": "checkov.terraform.checks.resource.gcp.GKEEnableVPCFlowLogs",',
+  \'                "entity_tags": null,',
+  \'                "resource_address": null,',
+  \'                "guideline": "https://docs.bridgecrew.io/docs/enable-vpc-flow-logs-and-intranode-visibility"',
+  \'            }',
+  \'        ]',
+  \'    }',
+  \'}'
+  \ ])
+
+Execute(Handle output for no findings correctly):
+  AssertEqual
+  \ [],
+  \ ale_linters#terraform#checkov#Handle(bufnr(''), [
+  \'{',
+  \'    "passed": 0,',
+  \'    "failed": 0,',
+  \'    "skipped": 0,',
+  \'    "parsing_errors": 0,',
+  \'    "resource_count": 0,',
+  \'    "checkov_version": "2.0.632"',
+  \'}'
+  \])