feat(config): support YAML files (fanal#155)

* feat: add config

* feat(analyzer/config): add yaml analyzer

* chore(mod): update

* chore(ci): bump up Go to 1.15

* test(analyzer/config): add anchors yaml test

* test(analyzer/config): add circular referneces yaml test

* refactor(analyzer/config) change yaml interface

* test(analyzer/config) add multiple yaml test

* chore(analyzer) change comment

Co-authored-by: masahiro331 <[email protected]>

Author: knqyf263

.github/workflows/bench.yml

@@ -6,10 +6,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - name: Set up Go 1.13
+    - name: Set up Go 1.15
       uses: actions/setup-go@v1
       with:
-        go-version: 1.13
+        go-version: 1.15
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/test.yml

@@ -9,10 +9,10 @@ jobs:
     name: Unit Test
     runs-on: ubuntu-latest
     steps:
-    - name: Set up Go 1.13
+    - name: Set up Go 1.15
       uses: actions/setup-go@v1
       with:
-        go-version: 1.13
+        go-version: 1.15
       id: go
 
     - name: Check out code into the Go module directory
@@ -28,10 +28,10 @@ jobs:
     name: Integration Test
     runs-on: ubuntu-latest
     steps:
-    - name: Set up Go 1.13
+    - name: Set up Go 1.15
       uses: actions/setup-go@v1
       with:
-        go-version: 1.13
+        go-version: 1.15
       id: go
 
     - name: Check out code into the Go module directory

analyzer/analyzer.go

@@ -56,10 +56,11 @@ type AnalysisResult struct {
 	OS           *types.OS
 	PackageInfos []types.PackageInfo
 	Applications []types.Application
+	Configs      []types.Config
 }
 
 func (r *AnalysisResult) isEmpty() bool {
-	return r.OS == nil && len(r.PackageInfos) == 0 && len(r.Applications) == 0
+	return r.OS == nil && len(r.PackageInfos) == 0 && len(r.Applications) == 0 && len(r.Configs) == 0
 }
 
 func (r *AnalysisResult) Sort() {
@@ -70,6 +71,10 @@ func (r *AnalysisResult) Sort() {
 	sort.Slice(r.Applications, func(i, j int) bool {
 		return r.Applications[i].FilePath < r.Applications[j].FilePath
 	})
+
+	sort.Slice(r.Configs, func(i, j int) bool {
+		return r.Configs[i].FilePath < r.Configs[j].FilePath
+	})
 }
 
 func (r *AnalysisResult) Merge(new *AnalysisResult) {
@@ -97,6 +102,10 @@ func (r *AnalysisResult) Merge(new *AnalysisResult) {
 	if len(new.Applications) > 0 {
 		r.Applications = append(r.Applications, new.Applications...)
 	}
+
+	if len(new.Configs) > 0 {
+		r.Configs = append(r.Configs, new.Configs...)
+	}
 }
 
 func AnalyzeFile(wg *sync.WaitGroup, result *AnalysisResult, filePath string, info os.FileInfo, opener Opener,

analyzer/config/const.go

@@ -0,0 +1,5 @@
+package config
+
+const (
+	YAML = "yaml"
+)

analyzer/config/yaml/testdata/anchor.yaml

@@ -0,0 +1,15 @@
+default: &default
+  line: single line
+
+john: &J
+  john_name: john
+fred: &F
+  fred_name: fred
+
+main:
+  <<: *default
+  name:
+    <<: [*J, *F]
+  comment: |
+    multi
+    line

analyzer/config/yaml/testdata/broken.yaml

@@ -0,0 +1 @@
+apiVersion": foo: bar

analyzer/config/yaml/testdata/circular_references.yaml

@@ -0,0 +1,3 @@
+circular: &circular
+  name:
+    <<: *circular

analyzer/config/yaml/testdata/deployment.yaml

@@ -0,0 +1,6 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hello-kubernetes
+spec:
+  replicas: 3

analyzer/config/yaml/testdata/multiple.yaml

@@ -0,0 +1,18 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hello-kubernetes
+spec:
+  replicas: 3
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: hello-kubernetes
+spec:
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080

analyzer/config/yaml/yaml.go

@@ -0,0 +1,55 @@
+package yaml
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/open-policy-agent/conftest/parser/yaml"
+	"golang.org/x/xerrors"
+
+	"github.com/aquasecurity/fanal/analyzer"
+	"github.com/aquasecurity/fanal/analyzer/config"
+	"github.com/aquasecurity/fanal/types"
+)
+
+func init() {
+	analyzer.RegisterAnalyzer(&yamlConfigAnalyzer{
+		parser: &yaml.Parser{},
+	})
+}
+
+var (
+	requiredExts = []string{".yaml", ".yml"}
+)
+
+type yamlConfigAnalyzer struct {
+	parser *yaml.Parser
+}
+
+func (a yamlConfigAnalyzer) Analyze(target analyzer.AnalysisTarget) (*analyzer.AnalysisResult, error) {
+	var parsed interface{}
+	if err := a.parser.Unmarshal(target.Content, &parsed); err != nil {
+		return nil, xerrors.Errorf("unable to parse YAML (%s): %w", target.FilePath, err)
+	}
+	return &analyzer.AnalysisResult{
+		Configs: []types.Config{{
+			Type:     config.YAML,
+			FilePath: target.FilePath,
+			Content:  parsed,
+		}},
+	}, nil
+}
+
+func (a yamlConfigAnalyzer) Required(filePath string, _ os.FileInfo) bool {
+	ext := filepath.Ext(filePath)
+	for _, required := range requiredExts {
+		if ext == required {
+			return true
+		}
+	}
+	return false
+}
+
+func (a yamlConfigAnalyzer) Type() analyzer.Type {
+	return analyzer.TypeYaml
+}