tenable · cesar-rodriguez · Aug 13, 2021 · Jul 16, 2021 · Aug 13, 2021 · Aug 13, 2021
@@ -19,18 +19,18 @@ package iacprovider
 import (
 	"reflect"
 
-	kustomizev3 "github.com/accurics/terrascan/pkg/iac-providers/kustomize/v3"
+	kustomizev4 "github.com/accurics/terrascan/pkg/iac-providers/kustomize/v4"
 )
 
 // kustomize specific constants
 const (
 	kustomize                  supportedIacType    = "kustomize"
-	kustomizeV3                supportedIacVersion = "v3"
-	kustomizeDefaultIacVersion                     = kustomizeV3
+	kustomizeV4                supportedIacVersion = "v4"
+	kustomizeDefaultIacVersion                     = kustomizeV4
 )
 
 // register kustomize as an IaC provider with terrascan
 func init() {
 	// register iac provider
-	RegisterIacProvider(kustomize, kustomizeV3, kustomizeDefaultIacVersion, reflect.TypeOf(kustomizev3.KustomizeV3{}))
+	RegisterIacProvider(kustomize, kustomizeV4, kustomizeDefaultIacVersion, reflect.TypeOf(kustomizev4.KustomizeV4{}))
 }
@@ -1,4 +1,4 @@
-package kustomizev3
+package kustomizev4
 
 import (
 	"fmt"
@@ -23,8 +23,7 @@ var (
 )
 
 // LoadIacDir loads the kustomize directory and returns the ResourceConfig mapping which is evaluated by the policy engine
-func (k *KustomizeV3) LoadIacDir(absRootDir string, options map[string]interface{}) (output.AllResourceConfigs, error) {
-
+func (k *KustomizeV4) LoadIacDir(absRootDir string, options map[string]interface{}) (output.AllResourceConfigs, error) {
 	allResourcesConfig := make(map[string][]output.ResourceConfig)
 
 	files, err := utils.FindFilesBySuffixInDir(absRootDir, KustomizeFileNames())

@@ -1,4 +1,4 @@
-package kustomizev3
+package kustomizev4
 
 import (
 	"fmt"
@@ -23,7 +23,7 @@ func TestLoadIacDir(t *testing.T) {
 	table := []struct {
 		name          string
 		dirPath       string
-		kustomize     KustomizeV3
+		kustomize     KustomizeV4
 		want          output.AllResourceConfigs
 		wantErr       error
 		resourceCount int
@@ -32,58 +32,58 @@ func TestLoadIacDir(t *testing.T) {
 		{
 			name:          "invalid dirPath",
 			dirPath:       "not-there",
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			wantErr:       multierror.Append(&os.PathError{Err: syscall.ENOENT, Op: "open", Path: "not-there"}),
 			resourceCount: 0,
 		},
 		{
 			name:          "simple-deployment",
 			dirPath:       filepath.Join(testDataDir, "simple-deployment"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 4,
 		},
 		{
 			name:          "multibases",
 			dirPath:       filepath.Join(multibasesDir, "base"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 2,
 		},
 		{
 			name:          "multibases",
 			dirPath:       filepath.Join(multibasesDir, "dev"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 2,
 		},
 		{
 			name:          "multibases",
 			dirPath:       filepath.Join(multibasesDir, "prod"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 2,
 		},
 
 		{
 			name:          "multibases",
 			dirPath:       filepath.Join(multibasesDir, "stage"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 2,
 		},
 		{
 			name:          "multibases",
 			dirPath:       multibasesDir,
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			resourceCount: 4,
 		},
 		{
 			name:          "no-kustomize-directory",
 			dirPath:       filepath.Join(testDataDir, "no-kustomizefile"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			wantErr:       multierror.Append(fmt.Errorf("kustomization.y(a)ml file not found in the directory %s", filepath.Join(testDataDir, "no-kustomizefile"))),
 			resourceCount: 0,
 		},
 		{
 			name:          "kustomize-file-empty",
 			dirPath:       filepath.Join(testDataDir, "kustomize-file-empty"),
-			kustomize:     KustomizeV3{},
+			kustomize:     KustomizeV4{},
 			wantErr:       multierror.Append(fmt.Errorf("unable to read the kustomization file in the directory %s, error: yaml file is empty", filepath.Join(testDataDir, "kustomize-file-empty"))),
 			resourceCount: 0,
 		},

@@ -1,4 +1,4 @@
-package kustomizev3
+package kustomizev4
 
 import (
 	"fmt"
@@ -12,7 +12,7 @@ var (
 )
 
 // LoadIacFile is not supported for kustomize. Only loading directories that have kustomization.y(a)ml file are supported
-func (k *KustomizeV3) LoadIacFile(absRootPath string, options map[string]interface{}) (allResourcesConfig output.AllResourceConfigs, err error) {
+func (k *KustomizeV4) LoadIacFile(absRootPath string, options map[string]interface{}) (allResourcesConfig output.AllResourceConfigs, err error) {
 	zap.S().Error(errLoadIacFileNotSupported)
 	return make(map[string][]output.ResourceConfig), errLoadIacFileNotSupported
 }
@@ -1,4 +1,4 @@
-package kustomizev3
+package kustomizev4
 
 import (
 	"reflect"
@@ -13,15 +13,15 @@ func TestLoadIacFile(t *testing.T) {
 		name      string
 		filePath  string
 		options   map[string]interface{}
-		kustomize KustomizeV3
+		kustomize KustomizeV4
 		typeOnly  bool
 		want      output.AllResourceConfigs
 		wantErr   error
 	}{
 		{
 			name:      "load iac file is not supported for kustomize",
 			filePath:  "/dummyfilepath.yaml",
-			kustomize: KustomizeV3{},
+			kustomize: KustomizeV4{},
 			wantErr:   errLoadIacFileNotSupported,
 		},
 	}

@@ -1,12 +1,12 @@
-package kustomizev3
+package kustomizev4
 
 import (
 	"github.com/accurics/terrascan/pkg/utils"
 	"github.com/hashicorp/go-multierror"
 )
 
-// KustomizeV3 struct
-type KustomizeV3 struct {
+// KustomizeV4 struct
+type KustomizeV4 struct {
 	errIacLoadDirs *multierror.Error
 }
 

@@ -2,7 +2,7 @@ package policy
 
 const (
 	defaultKustomizeIacType    supportedIacType    = "kustomize"
-	defaultKustomizeIacVersion supportedIacVersion = version3
+	defaultKustomizeIacVersion supportedIacVersion = version4
 )
 
 func init() {

@@ -12,6 +12,7 @@ const (
 	version12 = "v12"
 	version1  = "v1"
 	version3  = "v3"
+	version4  = "v4"
 )
 
 // EngineInput Contains data used as input to the engine

@@ -30,7 +30,7 @@ import (
 	dockerv1 "github.com/accurics/terrascan/pkg/iac-providers/docker/v1"
 	helmv3 "github.com/accurics/terrascan/pkg/iac-providers/helm/v3"
 	k8sv1 "github.com/accurics/terrascan/pkg/iac-providers/kubernetes/v1"
-	kustomizev3 "github.com/accurics/terrascan/pkg/iac-providers/kustomize/v3"
+	kustomizev4 "github.com/accurics/terrascan/pkg/iac-providers/kustomize/v4"
 	tfv12 "github.com/accurics/terrascan/pkg/iac-providers/terraform/v12"
 	tfv14 "github.com/accurics/terrascan/pkg/iac-providers/terraform/v14"
 	"github.com/accurics/terrascan/pkg/notifications/webhook"
@@ -262,7 +262,7 @@ func TestInit(t *testing.T) {
 				policyPath:  []string{testPoliciesDir},
 			},
 			wantErr:         nil,
-			wantIacProvider: []iacProvider.IacProvider{&armv1.ARMV1{}, &cftv1.CFTV1{}, &dockerv1.DockerV1{}, &helmv3.HelmV3{}, &k8sv1.K8sV1{}, &kustomizev3.KustomizeV3{}, &tfv15.TfV15{}},
+			wantIacProvider: []iacProvider.IacProvider{&armv1.ARMV1{}, &cftv1.CFTV1{}, &dockerv1.DockerV1{}, &helmv3.HelmV3{}, &k8sv1.K8sV1{}, &kustomizev4.KustomizeV4{}, &tfv15.TfV15{}},
 			wantNotifiers:   []notifications.Notifier{},
 		},
 		{

@@ -12,7 +12,7 @@ Flags:
   -d, --iac-dir string            path to a directory containing one or more IaC files (default ".")
   -f, --iac-file string           path to a single IaC file
   -i, --iac-type string           iac type (arm, cft, docker, helm, k8s, kustomize, terraform, tfplan)
-      --iac-version string        iac version (arm: v1, cft: v1, docker: v1, helm: v3, k8s: v1, kustomize: v3, terraform: v12, v13, v14, v15, tfplan: v1)
+      --iac-version string        iac version (arm: v1, cft: v1, docker: v1, helm: v3, k8s: v1, kustomize: v4, terraform: v12, v13, v14, v15, tfplan: v1)
       --non-recursive             do not scan directories and modules recursively
   -p, --policy-path stringArray   policy path directory
   -t, --policy-type strings       policy type (all, aws, azure, docker, gcp, github, k8s) (default [all])