G! dZddlmZddlmZddlmZddlZddlZddlZddlm Z m Z ddl m Z ddl mZddlZd e ee ee effd e e eefd ed e ee e eefffd Zde ed e eeffdZde eeffdZde eefd ee eefffdZded efdZded efdZde eefd ededed ef dZded e efdZde eded e e eeffdZded e e eeffdZy) zLibrary for fetching TF Files.)absolute_import)division)unicode_literalsN)DictList)run_subprocess)files iam_bindingstfstate_json_list resource_namereturnc >i}|jD]\}}|D]{}d|vr8|dD]0}t||||}|s||vrg||<||j|2d|vsD|dD]0}t||||}|s||vrg||<||j|2}|cSy)a1Gets the TFState information for the given IAM bindings. Args: iam_bindings: IAM bindings for the resource. tfstate_json_list: List of TFState files. resource_name: Resource name for which the finding was generated. Returns: List of TFState information for the given IAM bindings. ADDREMOVEN)itemsfetch_relevant_modulesappend) r r r tfstate_informationmemberbinding tfstate_jsonrole resource_datas ;lib/googlecloudsdk/api_lib/scc/iac_remediation/terraform.py"get_tfstate_information_per_memberrs:<%++-ofg) ' END0M4 -00,.!&)  ' . .} =# W H%D0M4 -00,.!&)  ' . .} =&*& ).tf_files_pathscvtttf}|D]}tj|}|||<|S)zReads the original files content. Args: tf_files_paths: List of TF files paths. Returns: Dict of file path and file content. )dictstrr ReadFileContents)roriginal_tf_files file_pathoriginal_file_contents rread_original_files_contentr%FsC38n&!i!229=#8i " r response_dictc`|jD]\}}tj||}y)z{Updates the TF files with the response dict. Args: response_dict: Response dict containing the updated TF files. N)rr WriteFileContents)r&r# file_data_s rupdate_tf_filesr+Xs.,113i  95A4rcptttf}|jD]l\}}tj|}|||< tj ||}ddd|g}t j|ddtj|||<nddg} t j|dd}t|tjd |d tjrd |fSy #t$r}t|d|fcYd}~cSd}~wwxYw#t$r}t|d|fcYd}~Sd}~wwxYw) a"Validates the TFState information for the given IAM bindings. Args: response_dict: response dict containing the updated TF files. Returns: True if the response is valid, False otherwise. updated_response_dict: Updated response dict containing the original TF files. terraformfmtz -write=trueF) timeout_sec show_stderrNvalidateSuccessrT)FN) rr rr r!r(rGetOutputLines Exceptionr+research IGNORECASE) r&r"r#r)r$r*cmdevalidate_outputs rvalidate_tf_filesr<es638n&+113i!229=#8i   ! !)Y 7a % :c##CRUK!&!7!7 !BmI4 j!#$33 O #$ii ?1-r}}=    '( AXo %& !8Os= A C,D, D5D D D D5D0*D50D5dir_pathc tj|ddg}tj|d gd}tj|d}|S#t$r }Yd}~yd}~wwxYw#t$r }Yd}~yd}~wwxYw)zFetches the TFState json for the given directory. Args: dir_path: The path of the directory to fetch the TFState files from. Returns: The json of the TFState file or None if there is an error. r-init )r0N)r-showz-json)oschdirrr4r5)r=r9r*rs rfetch_tfstate_json_from_dirrEszHHX  C!!#26 (C!00"EL     s"0AA& A#A#& A94A9r#cZtj|}tj|}|S)zFetches the TFState json for the given tfstate file path. Args: file_path: The path of the file to fetch the TFState json from. Returns: The json of the TFState files. )r r!hcl2loads)r#filers rfetch_tfstate_json_from_filerJs(    *$D!, rr role_name member_namecd}d|vsd|dvs d|ddvr|S|dddD]G}d|vsd|dvsd|dvsd|dvs |dd|k(s,|dd|k(s8|dd|k(sD|}|S|S)z:Fetches the relevant modules from the given TFState files.rAvalues root_module resourcesrr project_id)rr rKrLrresources rrrs -l" l84 4 L2=A A x(7 DhH * * hx( ( HX. . X x (K 7 X v &) 3 X | , =m E rroot_dirc&g}tj|g}|r|j}tj|D]}tj j ||}tj j|r$|jdrT|j|ftj j|s|jds$|jds|jdr|j||r|S)zFinds all the TF files in the given directory. Args: root_dir: The path of the directory to find the TF files in. Returns: A list of the TF files paths in the given directory. .z.tfz.tfvars) collectionsdequepopleftrClistdirpathjoinisdir startswithrisfileendswith)rTtf_filesqueue current_diritem item_paths r find_tf_filesrfs(   XJ '% --/K ;''',,{D1i y !s# ,,y ! 77>>) $   U #y'9'9)'D&&s+ "(  /rtfstate_file_pathscfg}|r#|D]}|jt||St|S)zFetches the TFState list for the given TFState file paths. Args: tfstate_file_paths: List of TFState file paths. root_dir: The path of the root directory. Returns: List of TFState json. )rrJfind_tfstate_jsons)rgrTr tfstate_file_paths rfetch_tfstate_listrksD/ &'8 90  h ''rcg}tj|g}|r|j}|jt |t j |D]e}|jdrt jj||}t jj|sU|j|g|r|S)zFinds the TFState jsons in the given directory. Args: dir_path: The path of the directory to find the TFState jsons in. Returns: List of TFState jsons. rV) rWrXrYrrErCrZr^r[r\r])r= tfstate_jsonsrbrcrdres rriris-   XJ '% --/K4[AB ;' __S !GGLLd3 77== # ,,y ! (  r)__doc__ __future__rrrrWrCr6typingrrgooglecloudsdk.command_lib.codergooglecloudsdk.core.utilr rGr rr%r+boolr<rErJrrfrkrirRrrrts%&' :* $sDd3i001$DcN+$$ #tDcN# #$ $NIcN$ 6S> 6$S>$ DcN$N##. C C sCx.#&58 6CDI4S  $sCx.0 $sCx.r