From c08593fb0abdf6f42feb1bcd5b35a7b884185db5 Mon Sep 17 00:00:00 2001
From: Tyler Jang <tyler@trunk.io>
Date: Mon, 8 Jul 2024 20:56:02 -0700
Subject: [PATCH] Add tfvars filetype (#821)

Terraform and tofu can run on `.tfvars` files (although notably not
`.tfvars.json`). Adds this filetype

Also attempts to fix trivy test failures.
---
 linters/plugin.yaml           |  5 +++++
 linters/terraform/plugin.yaml |  2 +-
 linters/tofu/plugin.yaml      |  2 +-
 linters/trivy/trivy.test.ts   | 15 +++++++++++++--
 4 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/linters/plugin.yaml b/linters/plugin.yaml
index e00dcbf6c..9d93da58a 100644
--- a/linters/plugin.yaml
+++ b/linters/plugin.yaml
@@ -600,6 +600,11 @@ lint:
       comments:
         - hash
 
+    - name: tfvars
+      extensions:
+        # terraform/tofu can't format .tfvars.json files
+        - tfvars
+
     - name: toml
       extensions:
         - toml
diff --git a/linters/terraform/plugin.yaml b/linters/terraform/plugin.yaml
index adf728c2d..ebfd9ef95 100644
--- a/linters/terraform/plugin.yaml
+++ b/linters/terraform/plugin.yaml
@@ -2,7 +2,7 @@ version: 0.1
 lint:
   definitions:
     - name: terraform
-      files: [terraform]
+      files: [terraform, tfvars]
       tools: [terraform]
       description: Validate and format terraform files
       commands:
diff --git a/linters/tofu/plugin.yaml b/linters/tofu/plugin.yaml
index ef2cc66c2..fffce9a0d 100644
--- a/linters/tofu/plugin.yaml
+++ b/linters/tofu/plugin.yaml
@@ -2,7 +2,7 @@ version: 0.1
 lint:
   definitions:
     - name: tofu
-      files: [terraform]
+      files: [terraform, tfvars]
       tools: [tofu]
       description: A Terraform validator and formatter
       commands:
diff --git a/linters/trivy/trivy.test.ts b/linters/trivy/trivy.test.ts
index a7616be51..9172f7b60 100644
--- a/linters/trivy/trivy.test.ts
+++ b/linters/trivy/trivy.test.ts
@@ -12,9 +12,20 @@ const callbackGenerator =
     const trunkYamlPath = ".trunk/trunk.yaml";
     const currentContents = driver.readFile(trunkYamlPath);
     const trivyRegex = /- trivy@(.+)\n/;
+
+    // fs-vuln, config sometimes fail in CI to query DB concurrently.
+    const extraContents = `
+  definitions:
+    - name: trivy
+      commands:
+        - name: fs-vuln
+          max_concurrency: 1
+        - name: config
+          max_concurrency: 1
+`;
     const newContents = currentContents.replace(
       trivyRegex,
-      `- trivy@$1:\n        commands: [${command}]\n`,
+      `- trivy@$1:\n        commands: [${command}]\n${extraContents}`,
     );
     driver.writeFile(trunkYamlPath, newContents);
     if (otherPreCheck) {
@@ -42,7 +53,7 @@ fuzzyLinterCheckTest({
   linterName: "trivy",
   testName: "fs-vuln",
   args: "-a",
-  fileIssueAssertionCallback: createFuzzyMatcher(() => vulnExpectedFileIssues, 30),
+  fileIssueAssertionCallback: createFuzzyMatcher(() => vulnExpectedFileIssues, 20),
   preCheck: callbackGenerator("fs-vuln"),
 });