feat(terraform): add option to add external_modules_content_cache to …

…terraform build_graph (#6942) * add option to add external_modules_content_cache to terraform GraphManager * add option to add external_modules_content_cache to terraform GraphManager * add option to add external_modules_content_cache to terraform GraphManager * add option to add external_modules_content_cache to terraform GraphManager * add option to add external_modules_content_cache to terraform GraphManager
bridgecrewio · Jan 9, 2025 · f78b038 · f78b038
1 parent 5f9175f
commit f78b038
Show file tree

Hide file tree

Showing 10 changed files with 18 additions and 8 deletions.
diff --git a/checkov/arm/graph_manager.py b/checkov/arm/graph_manager.py
@@ -23,6 +23,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[ArmLocalGraph, dict[str, dict[str, Any]]]:
         file_paths = get_scannable_file_paths(root_folder=source_dir, excluded_paths=excluded_paths)
         definitions, _, _ = get_files_definitions(files=file_paths)

diff --git a/checkov/bicep/graph_manager.py b/checkov/bicep/graph_manager.py
@@ -1,7 +1,7 @@
 from __future__ import annotations
 
 from pathlib import Path
-from typing import TYPE_CHECKING
+from typing import TYPE_CHECKING, Any
 
 from checkov.bicep.parser import Parser
 from checkov.bicep.utils import get_scannable_file_paths
@@ -26,6 +26,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[BicepLocalGraph, dict[Path, BicepJson]]:
         file_paths = get_scannable_file_paths(root_folder=source_dir)
         definitions, definitions_raw, parsing_errors = Parser().get_files_definitions(file_paths)  # type:ignore[assignment]

diff --git a/checkov/cloudformation/graph_manager.py b/checkov/cloudformation/graph_manager.py
@@ -27,6 +27,7 @@ def build_graph_from_source_directory(
         parsing_errors: Optional[Dict[str, Exception]] = None,
         download_external_modules: bool = False,
         excluded_paths: Optional[List[str]] = None,
+        **kwargs: Any,
     ) -> Tuple[CloudformationLocalGraph, dict[str, dict[str, Any]]]:
         logging.info(f"[CloudformationGraphManager] Parsing files in source dir {source_dir}")
         parsing_errors = {} if parsing_errors is None else parsing_errors

diff --git a/checkov/common/graph/graph_manager.py b/checkov/common/graph/graph_manager.py
@@ -27,6 +27,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[_LocalGraph | None, _Definitions]:
         pass
 

diff --git a/checkov/common/runners/graph_manager.py b/checkov/common/runners/graph_manager.py
@@ -23,6 +23,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[ObjectLocalGraph, dict[str | Path, dict[str, Any] | list[dict[str, Any]]]]:
         definitions = local_graph_class.get_files_definitions(root_folder=source_dir)
         local_graph = self.build_graph_from_definitions(definitions=definitions, graph_class=local_graph_class)

diff --git a/checkov/dockerfile/graph_manager.py b/checkov/dockerfile/graph_manager.py
@@ -1,7 +1,7 @@
 from __future__ import annotations
 
 import os
-from typing import TYPE_CHECKING
+from typing import TYPE_CHECKING, Any
 
 from checkov.common.graph.graph_builder.consts import GraphSource
 from checkov.common.graph.graph_manager import GraphManager
@@ -25,6 +25,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[DockerfileLocalGraph, dict[str, dict[str, list[_Instruction]]]]:
         file_paths = get_scannable_file_paths(root_folder=source_dir, excluded_paths=excluded_paths)
         filepath_fn = lambda f: f"/{os.path.relpath(f, os.path.commonprefix((source_dir, f)))}"

diff --git a/checkov/kubernetes/graph_manager.py b/checkov/kubernetes/graph_manager.py
@@ -24,7 +24,8 @@ def build_graph_from_source_directory(
         render_variables: bool = True,
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
-        excluded_paths: list[str] | None = None
+        excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[KubernetesLocalGraph, dict[str, list[dict[str, Any]]]]:
         definitions, definitions_raw = get_folder_definitions(source_dir, excluded_paths)
         local_graph = self.build_graph_from_definitions(definitions=definitions, render_variables=False)

diff --git a/checkov/serverless/graph_manager.py b/checkov/serverless/graph_manager.py
@@ -23,6 +23,7 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[ServerlessLocalGraph, dict[str, dict[str, Any]]]:
         file_paths = get_scannable_file_paths(root_folder=source_dir, excluded_paths=excluded_paths)
         definitions, _ = get_files_definitions(files=file_paths)

diff --git a/checkov/terraform/graph_manager.py b/checkov/terraform/graph_manager.py
@@ -32,6 +32,7 @@ def build_multi_graph_from_source_directory(
         excluded_paths: list[str] | None = None,
         external_modules_download_path: str = DEFAULT_EXTERNAL_MODULES_DIR,
         vars_files: list[str] | None = None,
+        external_modules_content_cache: dict[str, Any] | None = None,
     ) -> tuple[list[tuple[TerraformLocalGraph, list[dict[TFDefinitionKey, dict[str, Any]]], str]], dict[str, str]]:
         logging.info("Parsing HCL files in source dir to multi graph")
         modules_with_definitions = self.parser.parse_multi_graph_hcl_module(
@@ -42,6 +43,7 @@ def build_multi_graph_from_source_directory(
             parsing_errors=parsing_errors,
             excluded_paths=excluded_paths,
             vars_files=vars_files,
+            external_modules_content_cache=external_modules_content_cache
         )
 
         graphs: list[tuple[TerraformLocalGraph, list[dict[TFDefinitionKey, dict[str, Any]]], str]] = []
@@ -64,18 +66,18 @@ def build_graph_from_source_directory(
         parsing_errors: dict[str, Exception] | None = None,
         download_external_modules: bool = False,
         excluded_paths: list[str] | None = None,
-        external_modules_download_path: str = DEFAULT_EXTERNAL_MODULES_DIR,
-        vars_files: list[str] | None = None,
+        **kwargs: Any,
     ) -> tuple[TerraformLocalGraph, dict[TFDefinitionKey, dict[str, Any]]]:
         logging.info("Parsing HCL files in source dir to graph")
         module, tf_definitions = self.parser.parse_hcl_module(
             source_dir=source_dir,
             source=self.source,
             download_external_modules=download_external_modules,
-            external_modules_download_path=external_modules_download_path,
+            external_modules_download_path=kwargs.get('external_modules_download_path', DEFAULT_EXTERNAL_MODULES_DIR),
             parsing_errors=parsing_errors,
             excluded_paths=excluded_paths,
-            vars_files=vars_files,
+            vars_files=kwargs.get('vars_files', None),
+            external_modules_content_cache=kwargs.get('external_modules_content_cache', None)
         )
 
         logging.info("Building graph from parsed module")

diff --git a/checkov/terraform/runner.py b/checkov/terraform/runner.py
@@ -99,9 +99,9 @@ def run(
                         source_dir=root_folder,
                         local_graph_class=self.graph_class,
                         download_external_modules=runner_filter.download_external_modules,
-                        external_modules_download_path=runner_filter.external_modules_download_path,
                         parsing_errors=parsing_errors,
                         excluded_paths=runner_filter.excluded_paths,
+                        external_modules_download_path=runner_filter.external_modules_download_path,
                         vars_files=runner_filter.var_files,
                     )
                     # Make graph a list to allow single processing method for all cases