chore: Revert "feat(kustomize): Add origin annotations to calculate b…

…ases of… (#5312) Revert "feat(kustomize): Add origin annotations to calculate bases of kustomize checks (#5298)" This reverts commit 40e3626.
bridgecrewio · Jul 10, 2023 · 4387c32 · 4387c32
1 parent 456225b
commit 4387c32
Show file tree

Hide file tree

Showing 6 changed files with 66 additions and 254 deletions.
diff --git a/checkov/common/typing.py b/checkov/common/typing.py
@@ -133,4 +133,3 @@ class _EntityContext(TypedDict, total=False):
     policy: str
     code_lines: list[tuple[int, str]]
     skipped_checks: list[_SkippedCheck]
-    origin_relative_path: str
diff --git a/checkov/kubernetes/kubernetes_utils.py b/checkov/kubernetes/kubernetes_utils.py
@@ -138,25 +138,34 @@ def build_definitions_context(
             resource_id = get_resource_id(resource)
             if not resource_id:
                 continue
-
-            relative_resource_path = None
-            if 'metadata' in resource:
-                metadata = resource['metadata']
-                if 'annotations' in metadata and metadata['annotations'] is not None\
-                        and 'config.kubernetes.io/origin' in metadata['annotations']:
-                    metadata_path = metadata['annotations']['config.kubernetes.io/origin']
-                    if 'path:' in metadata_path:
-                        relative_resource_path = metadata_path.split('path:')[1].strip()
-
-            resource_start_line = resource[START_LINE]
-            resource_end_line = min(resource[END_LINE], len(definitions_raw[file_path]))
-            raw_code = definitions_raw[file_path]
-            code_lines, start_line, end_line = calculate_code_lines(raw_code, resource_start_line, resource_end_line)
+            start_line = resource[START_LINE]
+            end_line = min(resource[END_LINE], len(definitions_raw[file_path]))
+            first_line_index = 0
+            # skip empty lines
+            while not str.strip(definitions_raw[file_path][first_line_index][1]):
+                first_line_index += 1
+            # check if the file is a json file
+            if str.strip(definitions_raw[file_path][first_line_index][1])[0] == "{":
+                start_line += 1
+                end_line += 1
+            else:
+                # add resource comments to definition lines
+                current_line = str.strip(definitions_raw[file_path][start_line - 1][1])
+                while not current_line or current_line[0] == YAML_COMMENT_MARK:
+                    start_line -= 1
+                    current_line = str.strip(definitions_raw[file_path][start_line - 1][1])
+
+                # remove next resource comments from definition lines
+                current_line = str.strip(definitions_raw[file_path][end_line - 1][1])
+                while not current_line or current_line[0] == YAML_COMMENT_MARK:
+                    end_line -= 1
+                    current_line = str.strip(definitions_raw[file_path][end_line - 1][1])
+
+            code_lines = definitions_raw[file_path][start_line - 1: end_line]
             dpath.new(
                 definitions_context,
                 [file_path, resource_id],
-                {"start_line": start_line, "end_line": end_line, "code_lines": code_lines,
-                 "origin_relative_path": relative_resource_path},
+                {"start_line": start_line, "end_line": end_line, "code_lines": code_lines},
             )
 
             skipped_checks = get_skipped_checks(resource)
@@ -168,32 +177,6 @@ def build_definitions_context(
     return definitions_context
 
 
-def calculate_code_lines(raw_code: list[tuple[int, str]], start_line: int, end_line: int) \
-        -> tuple[list[tuple[int, str]], int, int]:
-    first_line_index = 0
-    # skip empty lines
-    while not str.strip(raw_code[first_line_index][1]):
-        first_line_index += 1
-    # check if the file is a json file
-    if str.strip(raw_code[first_line_index][1])[0] == "{":
-        start_line += 1
-        end_line += 1
-    else:
-        # add resource comments to definition lines
-        current_line = str.strip(raw_code[start_line - 1][1])
-        while not current_line or current_line[0] == YAML_COMMENT_MARK:
-            start_line -= 1
-            current_line = str.strip(raw_code[start_line - 1][1])
-
-        # remove next resource comments from definition lines
-        current_line = str.strip(raw_code[end_line - 1][1])
-        while not current_line or current_line[0] == YAML_COMMENT_MARK:
-            end_line -= 1
-            current_line = str.strip(raw_code[end_line - 1][1])
-    code_lines = raw_code[start_line - 1: end_line]
-    return code_lines, start_line, end_line
-
-
 def is_invalid_k8_definition(definition: Dict[str, Any]) -> bool:
     return (
         not isinstance(definition, dict)

diff --git a/checkov/kubernetes/runner.py b/checkov/kubernetes/runner.py
@@ -174,8 +174,7 @@ def check_definitions(
                 # TODO? - Variable Eval Message!
                 variable_evaluations: "dict[str, Any]" = {}
 
-                report = self.mutate_kubernetes_results(results, report, k8_file, k8_file_path, file_abs_path,
-                                                        entity_conf, variable_evaluations, root_folder)
+                report = self.mutate_kubernetes_results(results, report, k8_file, k8_file_path, file_abs_path, entity_conf, variable_evaluations)
             self.pbar.update()
         self.pbar.close()
         return report
@@ -195,7 +194,6 @@ def mutate_kubernetes_results(
         file_abs_path: str,
         entity_conf: dict[str, Any],
         variable_evaluations: dict[str, Any],
-        root_folder: str | None = None
     ) -> Report:
         # Moves report generation logic out of run() method in Runner class.
         # Allows function overriding of a much smaller function than run() for other "child" frameworks such as Kustomize, Helm