From 9c87104f9d9f343f02f561d1ac92776a1d53272d Mon Sep 17 00:00:00 2001 From: Cursor Agent Date: Thu, 27 Nov 2025 12:37:15 +0000 Subject: [PATCH] Refactor: Remove deleted resources from parsed output Co-authored-by: emre.erkunt --- terraform_compliance/extensions/terraform.py | 29 ++++++++---- .../extensions/test_terraform.py | 47 +++++++++++++++++++ 2 files changed, 66 insertions(+), 10 deletions(-) diff --git a/terraform_compliance/extensions/terraform.py b/terraform_compliance/extensions/terraform.py index 3a70c213..c551aba0 100644 --- a/terraform_compliance/extensions/terraform.py +++ b/terraform_compliance/extensions/terraform.py @@ -151,21 +151,30 @@ def _parse_resources(self): else: self.resources[resource['address']] = resource + delete_only_addresses = set() + # Resource Changes ( exists in Plan ) - for finding in self.raw.get('resource_changes', {}): + for finding in self.raw.get('resource_changes', []): resource = deepcopy(finding) change = resource.get('change', {}) actions = change.get('actions', []) - if actions != ['delete']: - resource['values'] = change.get('after', {}) # dict_merge(change.get('after', {}), change.get('after_unknown', {})) - self.remember_after_unknown(resource, change.get('after_unknown', {})) - if 'change' in resource: - del resource['change'] + if actions == ['delete']: + delete_only_addresses.add(resource.get('address')) + continue - if self.is_type(resource, 'data'): - self.data[resource['address']] = resource - else: - self.resources[resource['address']] = resource + resource['values'] = change.get('after', {}) + self.remember_after_unknown(resource, change.get('after_unknown', {})) + if 'change' in resource: + del resource['change'] + + if self.is_type(resource, 'data'): + self.data[resource['address']] = resource + else: + self.resources[resource['address']] = resource + + for address in delete_only_addresses: + self.resources.pop(address, None) + self.data.pop(address, None) if self.parse_it: self.cache.set('resources', self.resources) diff --git a/tests/terraform_compliance/extensions/test_terraform.py b/tests/terraform_compliance/extensions/test_terraform.py index 91a86948..80c14119 100644 --- a/tests/terraform_compliance/extensions/test_terraform.py +++ b/tests/terraform_compliance/extensions/test_terraform.py @@ -213,6 +213,53 @@ def test_parse_resources_resources_exists_in_the_resource_changes_deleted(self, obj._parse_resources() self.assertEqual(obj.resources, {}) + @patch.object(TerraformParser, '_read_file', return_value={}) + def test_parse_resources_deleted_state_resources_removed(self, *args): + obj = TerraformParser('somefile', parse_it=False) + obj.raw['values'] = { + 'root_module': { + 'resources': [ + { + 'address': 'something' + } + ] + } + } + obj.raw['resource_changes'] = [ + { + 'address': 'something', + 'change': { + 'actions': ['delete'] + } + } + ] + obj._parse_resources() + self.assertEqual(obj.resources, {}) + + @patch.object(TerraformParser, '_read_file', return_value={}) + def test_parse_resources_deleted_state_data_removed(self, *args): + obj = TerraformParser('somefile', parse_it=False) + obj.raw['values'] = { + 'root_module': { + 'resources': [ + { + 'address': 'data.something', + 'mode': 'data' + } + ] + } + } + obj.raw['resource_changes'] = [ + { + 'address': 'data.something', + 'change': { + 'actions': ['delete'] + } + } + ] + obj._parse_resources() + self.assertEqual(obj.data, {}) + @patch.object(TerraformParser, '_read_file', return_value={}) def test_parse_configurations_resources(self, *args): obj = TerraformParser('somefile', parse_it=False)