⭐️ allow users to ignore .terraform directory (#2746)

* ⭐️ allow users to ignore .terraform directory

providers/terraform/config/config.go

@@ -27,7 +27,15 @@ var Config = plugin.Provider{
 			MinArgs:   1,
 			MaxArgs:   2,
 			Discovery: []string{},
-			Flags:     []plugin.Flag{},
+			Flags: []plugin.Flag{
+				{
+					Long:        "ignore-dot-terraform",
+					Type:        plugin.FlagType_Bool,
+					Default:     "false",
+					Desc:        "Ignore the .terraform directory.",
+					ConfigEntry: "ignore_dot_terraform",
+				},
+			},
 		},
 	},
 }

providers/terraform/connection/hcl_manifest.go

@@ -51,6 +51,15 @@ func NewHclConnection(id uint32, asset *inventory.Asset) (*Connection, error) {
 
 func newHclConnection(path string, asset *inventory.Asset) (*Connection, error) {
 	// NOTE: right now we are only supporting to load either state, plan or hcl files but not at the same time
+	if len(asset.Connections) != 1 {
+		return nil, errors.New("only one connection is supported")
+	}
+
+	confOptions := asset.Connections[0].Options
+	includeDotTerraform := true
+	if confOptions["ignore-dot-terraform"] == "true" {
+		includeDotTerraform = false
+	}
 
 	var assetType terraformAssetType
 	// hcl files
@@ -78,6 +87,11 @@ func newHclConnection(path string, asset *inventory.Asset) (*Connection, error)
 				return nil
 			}
 
+			// if user asked to ignore .terraform, we skip all files in .terraform
+			if strings.Contains(path, ".terraform") && !includeDotTerraform {
+				return nil
+			}
+
 			if !d.IsDir() {
 				if strings.HasSuffix(path, ".terraform/modules/modules.json") {
 					modulesManifest, err = ParseTerraformModuleManifest(path)

providers/terraform/connection/hcl_manifest_test.go

@@ -30,19 +30,40 @@ func TestTerraform(t *testing.T) {
 
 func TestModuleManifestIssue676(t *testing.T) {
 	// See https://github.com/mondoohq/cnquery/issues/676
-	p, err := NewHclConnection(0, &inventory.Asset{
-		Connections: []*inventory.Config{
-			{
-				Options: map[string]string{
-					"path": "./testdata/issue676",
+	t.Run("issue#676", func(t *testing.T) {
+		p, err := NewHclConnection(0, &inventory.Asset{
+			Connections: []*inventory.Config{
+				{
+					Options: map[string]string{
+						"path": "./testdata/issue676",
+					},
+					Type: "hcl",
 				},
-				Type: "hcl",
 			},
-		},
+		})
+		require.NoError(t, err)
+
+		moduleManifest := p.ModulesManifest()
+		require.NotNil(t, moduleManifest)
+		require.Len(t, moduleManifest.Records, 3)
 	})
-	require.NoError(t, err)
 
-	moduleManifest := p.ModulesManifest()
-	require.NotNil(t, moduleManifest)
-	require.Len(t, moduleManifest.Records, 3)
+	// https://github.com/mondoohq/cnspec/issues/605
+	t.Run("issue#676", func(t *testing.T) {
+		p, err := NewHclConnection(0, &inventory.Asset{
+			Connections: []*inventory.Config{
+				{
+					Options: map[string]string{
+						"path":                 "./testdata/issue676",
+						"ignore-dot-terraform": "true",
+					},
+					Type: "hcl",
+				},
+			},
+		})
+		require.NoError(t, err)
+
+		moduleManifest := p.ModulesManifest()
+		require.Nil(t, moduleManifest)
+	})
 }

providers/terraform/connection/hcl_schema.go

@@ -6,8 +6,8 @@ package connection
 import "github.com/hashicorp/hcl/v2"
 
 // TODO: update the schema
-// lifted from terraform 0.12 source
-var TerraformSchema_0_12 = &hcl.BodySchema{
+// Same schema as defined in terraform itself https://github.com/hashicorp/terraform/blob/60ab95d3a7cde5e2aca82ee9df78e57cbba04534/internal/configs/parser_config.go#L269
+var TerraformSchema_1 = &hcl.BodySchema{
 	Blocks: []hcl.BlockHeaderSchema{
 		{
 			Type: "terraform",
@@ -39,5 +39,18 @@ var TerraformSchema_0_12 = &hcl.BodySchema{
 			Type:       "data",
 			LabelNames: []string{"type", "name"},
 		},
+		{
+			Type: "moved",
+		},
+		{
+			Type: "removed",
+		},
+		{
+			Type: "import",
+		},
+		{
+			Type:       "check",
+			LabelNames: []string{"name"},
+		},
 	},
 }

providers/terraform/provider/provider.go

@@ -5,6 +5,7 @@ package provider
 
 import (
 	"errors"
+	"github.com/rs/zerolog/log"
 	"strconv"
 	"strings"
 
@@ -82,6 +83,13 @@ func (s *Service) ParseCLI(req *plugin.ParseCLIReq) (*plugin.ParseCLIRes, error)
 		conf.Options["path"] = req.Args[0]
 	}
 
+	if x, ok := flags["ignore-dot-terraform"]; ok {
+		if x != nil {
+			conf.Options["ignore-dot-terraform"] = strconv.FormatBool(x.RawData().Value.(bool))
+			log.Info().Msg("user requested to ignore .terraform")
+		}
+	}
+
 	asset := &inventory.Asset{
 		Connections: []*inventory.Config{conf},
 	}

providers/terraform/resources/hcl.go

@@ -587,7 +587,7 @@ func listHclBlocks(runtime *plugin.Runtime, rawBody interface{}, file *hcl.File)
 			mqlHclBlocks = append(mqlHclBlocks, mqlBlock)
 		}
 	case hcl.Body:
-		content, _, _ := body.PartialContent(connection.TerraformSchema_0_12)
+		content, _, _ := body.PartialContent(connection.TerraformSchema_1)
 		for i := range content.Blocks {
 			mqlBlock, err := newMqlHclBlock(runtime, content.Blocks[i], file)
 			if err != nil {
@@ -761,7 +761,7 @@ func getBlockByName(hb *hcl.Block, name string) *hcl.Block {
 			}
 		}
 	case hcl.Body:
-		content, _, _ := body.PartialContent(connection.TerraformSchema_0_12)
+		content, _, _ := body.PartialContent(connection.TerraformSchema_1)
 		for i := range content.Blocks {
 			b := content.Blocks[i]
 			if b.Type == name {