fix(ansible): handle empty tasks (#6751)

* Fix

* Fix graph

checkov/ansible/graph_builder/local_graph.py

@@ -31,8 +31,12 @@ def _create_vertices(self) -> None:
 
             for code_block in definition:
                 if ResourceType.TASKS in code_block:
-                    for task in code_block[ResourceType.TASKS]:
-                        self._process_blocks(file_path=file_path, task=task)
+                    tasks = code_block[ResourceType.TASKS]
+                    if tasks:  # Check if tasks is not None and not empty
+                        for task in tasks:
+                            self._process_blocks(file_path=file_path, task=task)
+                    else:
+                        self._process_blocks(file_path=file_path, task=code_block)
                 else:
                     self._process_blocks(file_path=file_path, task=code_block)
 

checkov/ansible/utils.py

@@ -141,8 +141,12 @@ def build_definitions_context(
 
         for code_block in definition:
             if ResourceType.TASKS in code_block:
-                for task in code_block[ResourceType.TASKS]:
-                    _process_blocks(definition_raw=definition_raw, file_path_context=file_path_context, task=task)
+                tasks = code_block[ResourceType.TASKS]
+                if tasks:  # Check if tasks is not empty
+                    for task in tasks:
+                        _process_blocks(definition_raw=definition_raw, file_path_context=file_path_context, task=task)
+                else:
+                    _process_blocks(definition_raw=definition_raw, file_path_context=file_path_context, task=code_block)
             else:
                 _process_blocks(definition_raw=definition_raw, file_path_context=file_path_context, task=code_block)
 

tests/ansible/examples/empty_tasks.yml

@@ -0,0 +1,6 @@
+---
+- name: Using a Role
+  hosts: all
+  roles:
+    - role: somerolename
+  tasks: