From 4547e2766610f929083612531792f8b76dca9dcc Mon Sep 17 00:00:00 2001
From: Nikita Pivkin
Date: Thu, 31 Aug 2023 17:47:06 +0700
Subject: [PATCH] fix(terraform): improve detection of terraform files (#4984)
* fix(terraform): improve detection of terraform files
* update defsec
---------
Co-authored-by: Simar
Co-authored-by: knqyf263
---
 .../analyzer/config/terraform/terraform.go | 12 ++----------
 .../analyzer/config/terraform/terraform_test.go | 17 ++++++++++++++++-
 2 files changed, 18 insertions(+), 11 deletions(-)
diff --git a/pkg/fanal/analyzer/config/terraform/terraform.go b/pkg/fanal/analyzer/config/terraform/terraform.go
index f612b4ce0eb6..11ffa446469c 100644
--- a/pkg/fanal/analyzer/config/terraform/terraform.go
+++ b/pkg/fanal/analyzer/config/terraform/terraform.go
@@ -2,10 +2,8 @@ package terraform
 import (
 "os"
- "path/filepath"
-
- "golang.org/x/exp/slices"
+ "github.com/aquasecurity/defsec/pkg/detection"
 "github.com/aquasecurity/trivy/pkg/fanal/analyzer"
 "github.com/aquasecurity/trivy/pkg/fanal/analyzer/config"
 "github.com/aquasecurity/trivy/pkg/misconf"
@@ -16,12 +14,6 @@ const (
 version = 1
 )
-var requiredExts = []string{
- ".tf",
- ".tf.json",
- ".tfvars",
-}
-
 func init() {
 analyzer.RegisterPostAnalyzer(analyzerType, newTerraformConfigAnalyzer)
 }
@@ -42,5 +34,5 @@ func newTerraformConfigAnalyzer(opts analyzer.AnalyzerOptions) (analyzer.PostAna
 // Required overrides config.Analyzer.Required() and checks if the given file is a Terraform file.
 func (*terraformConfigAnalyzer) Required(filePath string, _ os.FileInfo) bool {
- return slices.Contains(requiredExts, filepath.Ext(filePath))
+ return detection.IsTerraformFile(filePath)
 }
diff --git a/pkg/fanal/analyzer/config/terraform/terraform_test.go b/pkg/fanal/analyzer/config/terraform/terraform_test.go
index 7a03c7aaa9f1..9096ee062a5e 100644
--- a/pkg/fanal/analyzer/config/terraform/terraform_test.go
+++ b/pkg/fanal/analyzer/config/terraform/terraform_test.go
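Review bot: In terraform.go, the doc comment on `Required` no longer tells a reader which files pass, because the `requiredExts` list was deleted and the decision now lives in `detection.IsTerraformFile` in defsec. A file rejected here is presumably never handed to the misconfiguration scanner, so a change in that helper on a later defsec bump would surface only as missing findings, not as an error. I would extend the comment to something like `// Required reports whether filePath is a Terraform file (.tf, .tf.json or .tfvars, as pinned in terraform_test.go); matching is delegated to defsec's detection package and looks at the path only.` The method body is fully visible in the last hunk of this file; the hunk heading above it is cut from the preceding function.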
@@ -13,10 +13,25 @@ func TestConfigAnalyzer_Required(t *testing.T) {
 want bool
 }{
 {
- name: "happy path",
+ name: "tf",
 filePath: "/path/to/main.tf",
 want: true,
 },
+ {
+ name: "tf.json",
+ filePath: "/path/to/main.tf.json",
+ want: true,
+ },
+ {
+ name: "tfvars",
+ filePath: "/path/to/some.tfvars",
+ want: true,
+ },
+ {
+ name: "json",
+ filePath: "/path/to/some.json",
+ want: false,
+ },
 {
 name: "hcl",
 filePath: "/path/to/main.hcl",
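Review bot: The table in `TestConfigAnalyzer_Required` has no case for a JSON variables file such as `/path/to/some.tfvars.json`, so the added `json` → false and `tfvars` → true cases leave that name's outcome unpinned. Terraform itself reads `.tfvars.json` files, and because `Required` now defers to an external helper, this table is the only local record of which paths the analyzer is expected to pick up. I would add a `tfvars.json` case with whichever result the project intends, and likewise one for an upper-case suffix such as `/path/to/MAIN.TF`, so that a skipped file shows up as a test failure instead of a silent scan gap. The test function begins before this hunk and continues past its last line.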