Overview

File tfsec.spec of Package tfsec

#
# spec file for package tfsec
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#



Name:           tfsec
Version:        1.28.13
Release:        0
Summary:        Sttatic analysis of your terraform code to spot potential misconfigurations
License:        MIT
URL:            https://github.com/aquasecurity/tfsec
Source:         tfsec-%{version}.tar.gz
Source1:        vendor.tar.gz
BuildRequires:  go1.24 >= 1.24.1
BuildRequires:  fdupes

%description
tfsec uses static analysis of your terraform code to spot potential misconfigurations.
Features
- Checks for misconfigurations across all major (and some minor) cloud providers
- Hundreds of built-in rules
- Scans modules (local and remote)
- Evaluates HCL expressions as well as literal values
- Evaluates Terraform functions e.g. concat()
- Evaluates relationships between Terraform resources
- Compatible with the Terraform CDK
- Applies (and embellishes) user-defined Rego policies
- Supports multiple output formats: lovely (default), JSON, SARIF, CSV, CheckStyle, JUnit, text, Gif.
- Configurable (via CLI flags and/or config file)
- Very fast, capable of quickly scanning huge repositories

%prep
%autosetup -p1 -a 1

%build
go build \
   -mod=vendor \
   -buildmode=pie \
   -ldflags="-X github.com/aquasecurity/tfsec/version.Version=v%{version} " \
   -o ./bin/%{name} ./cmd/%{name}/
go build \
   -mod=vendor \
   -buildmode=pie \
   -ldflags="-X github.com/aquasecurity/tfsec/version.Version=v%{version} " \
   -o ./bin/%{name}-checkgen ./cmd/%{name}-checkgen/

%install
# Install the binary.
install -D -m 0755 ./bin/%{name} %{buildroot}/%{_bindir}/%{name}
install -D -m 0755 ./bin/%{name} %{buildroot}/%{_bindir}/%{name}-checkgen

%fdupes %{buildroot}/%{_bindir}/

%check
%{buildroot}/%{_bindir}/%{name} --version | grep %{version}

%files
%doc README.md
%license LICENSE
%{_bindir}/%{name}
%{_bindir}/%{name}-checkgen

%changelog
openSUSE Build Service is sponsored by
Places