From aa7c71a1561fe7263f8eb40a33b08bbd5ba2f0db Mon Sep 17 00:00:00 2001
From: rafaela-soares
Date: Mon, 21 Feb 2022 12:44:46 +0000
Subject: [PATCH 1/2] fixed "rule named engines redeclared"

---
 assets/libraries/common.rego | 2 +-
 docs/platforms.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/assets/libraries/common.rego b/assets/libraries/common.rego
index 3af5775c9a6..de09ff2304e 100644
--- a/assets/libraries/common.rego
+++ b/assets/libraries/common.rego
@@ -351,7 +351,7 @@ get_encryption_if_exists(resource) = encryption {
 	encryption := "unencrypted"
 }
 
-engines := {
+engines = {
 	"aurora": 3306,
 	"aurora-mysql": 3306,
 	"aurora-postgresql": 3306,
diff --git a/docs/platforms.md b/docs/platforms.md
index 7a56809be7c..bf8a273058e 100644
--- a/docs/platforms.md
+++ b/docs/platforms.md
@@ -93,7 +93,7 @@ You can also run the command `cdktf synth --json` to display it in the terminal.
 ### Limitations
 #### Ansible
-At the moment, KICS does not support a robust approach to identifying Ansible samples. The identification of these samples is done through exclusion. When a YAML sample is not a CloudFormation, Helm, Kubernetes or OpenAPI sample, KICS recognize it as Ansible.
+At the moment, KICS does not support a robust approach to identifying Ansible samples. The identification of these samples is done through exclusion. When a YAML sample is not a CloudFormation, Google Deployment Manager, Helm, Kubernetes or OpenAPI sample, KICS recognize it as Ansible.
 Thus, KICS recognize other YAML samples (that are not Ansible) as Ansible, e.g. GitHub Actions samples. However, you can ignore these samples by writing `#kics-scan ignore` on the top of the file. For more details, please read this [documentation](https://github.com/Checkmarx/kics/blob/25b6b703e924ed42067d9ab7772536864aee900b/docs/running-kics.md#using-commands-on-scanned-files-as-comments).

From 565c725a7c87fa84623934bf72bee4e430b0e420 Mon Sep 17 00:00:00 2001
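Review bot: Switching `engines := {` to `engines = {` makes the "rule named engines redeclared" error disappear only because `=` (unification) permits a second definition of `engines` in package Cx where `:=` forbids it; the other definition that presumably triggered the error is not shown here and is not removed. With `=`, two definitions whose values disagree no longer fail at compile time but at evaluation time, as a complete rule producing multiple outputs, so a conflicting query-side `engines` would now surface as an eval error during a scan rather than as a build failure. If the library is meant to be the single owner of this table, renaming or deleting the other definition is the cleaner fix; otherwise record the reason next to the rule: `# engines uses = (not :=) so a same-named rule elsewhere in package Cx still compiles; values must agree or evaluation fails`. get_encryption_if_exists starts before the hunk and the engines map continues past it.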
From: rafaela-soares
Date: Mon, 21 Feb 2022 15:02:41 +0000
Subject: [PATCH 2/2] added test

---
 pkg/engine/inspector_test.go | 45 +++++++++++++++----
 test/fixtures/common_query_test/metadata.json | 9 ++++
 test/fixtures/common_query_test/query.rego | 13 ++++++
 .../get_queries_test/common_query.rego | 13 ++++++
 4 files changed, 72 insertions(+), 8 deletions(-)
 create mode 100644 test/fixtures/common_query_test/metadata.json
 create mode 100644 test/fixtures/common_query_test/query.rego
 create mode 100644 test/fixtures/get_queries_test/common_query.rego

diff --git a/pkg/engine/inspector_test.go b/pkg/engine/inspector_test.go
index 1e5594e1261..c797944e412 100644
--- a/pkg/engine/inspector_test.go
+++ b/pkg/engine/inspector_test.go
@@ -349,11 +349,16 @@ func TestNewInspector(t *testing.T) { // nolint
 	}
 	contentByte, err := os.ReadFile(filepath.FromSlash("./test/fixtures/get_queries_test/content_get_queries.rego"))
 	require.NoError(t, err)
+	contentByte2, err2 := os.ReadFile(filepath.FromSlash("./test/fixtures/get_queries_test/common_query.rego"))
+	require.NoError(t, err2)
 	track := &tracker.CITracker{}
 	sources := &mockSource{
-		Source: []string{filepath.FromSlash("./test/fixtures/all_auth_users_get_read_access")},
-		Types:  []string{""},
+		Source: []string{
+			filepath.FromSlash("./test/fixtures/all_auth_users_get_read_access"),
+			filepath.FromSlash("./test/fixtures/common_query_test"),
+		},
+		Types: []string{""},
 	}
 	vbs := DefaultVulnerabilityBuilder
 	opaQueries := make([]*preparedQuery, 0, 1)
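Review bot: The expected content for the new query is read from `./test/fixtures/get_queries_test/common_query.rego` while the inspector is pointed at `./test/fixtures/common_query_test`, whose `query.rego` is added in the same commit as a second copy of the same file (both new files carry blob `b4ea1df48da`); this follows the existing content_get_queries.rego pattern, but two copies drift silently and the test would then fail for a reason unrelated to NewInspector. Reading the expectation from the scanned directory removes the copy and the `err2` name at once: `contentByte2, err := os.ReadFile(filepath.FromSlash("./test/fixtures/common_query_test/query.rego"))` followed by `require.NoError(t, err)` — `:=` with the fresh `contentByte2` on the left reuses the existing `err`. The `make([]*preparedQuery, 0, 1)` capacity hint on the last line is now stale with two appends following it; `0, 2` matches the new shape. TestNewInspector starts before the hunk and continues past it.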
@@ -376,6 +381,25 @@ func TestNewInspector(t *testing.T) { // nolint
 			Aggregation: 1,
 		},
 	})
+	opaQueries = append(opaQueries, &preparedQuery{
+		opaQuery: rego.PreparedEvalQuery{},
+		metadata: model.QueryMetadata{
+			Query:     "common_query_test",
+			Content:   string(contentByte2),
+			InputData: "{}",
+			Platform:  "common",
+			Metadata: map[string]interface{}{
+				"id":              "4a3aa2b5-9c87-452c-a3ea-f3e9e3573874",
+				"queryName":       "Common Query Test",
+				"severity":        model.SeverityHigh,
+				"category":        "Best Practices",
+				"descriptionText": "",
+				"descriptionUrl":  "",
+				"platform":        "Common",
+			},
+			Aggregation: 1,
+		},
+	})
 	type args struct {
 		ctx    context.Context
 		source source.QueriesSource
@@ -432,12 +456,17 @@ func TestNewInspector(t *testing.T) { // nolint
 				t.Errorf("NewInspector() error: got = %v,\n wantErr = %v", err, tt.wantErr)
 				return
 			}
-			gotStrMetadata, err := test.StringifyStruct(got.queries[0].metadata)
-			require.Nil(t, err)
-			wantStrMetadata, err := test.StringifyStruct(tt.want.queries[0].metadata)
-			require.Nil(t, err)
-			if !reflect.DeepEqual(got.queries[0].metadata, tt.want.queries[0].metadata) {
-				t.Errorf("NewInspector() metadata: got = %v,\n want = %v", gotStrMetadata, wantStrMetadata)
+
+			require.Equal(t, len(tt.want.queries), len(got.queries))
+
+			for idx := 0; idx < len(tt.want.queries); idx++ {
+				gotStrMetadata, err := test.StringifyStruct(got.queries[idx].metadata)
+				require.Nil(t, err)
+				wantStrMetadata, err := test.StringifyStruct(tt.want.queries[idx].metadata)
+				require.Nil(t, err)
+				if !reflect.DeepEqual(got.queries[idx].metadata, tt.want.queries[idx].metadata) {
+					t.Errorf("NewInspector() metadata: got = %v,\n want = %v", gotStrMetadata, wantStrMetadata)
+				}
 			}
 
 			gotStrTracker, err := test.StringifyStruct(got.tracker)
diff --git a/test/fixtures/common_query_test/metadata.json b/test/fixtures/common_query_test/metadata.json
new file mode 100644
index 00000000000..69345b4bbe6
--- /dev/null
+++ b/test/fixtures/common_query_test/metadata.json
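Review bot: The `t.Errorf` inside the new loop does not say which query mismatched, so with two queries compared the printed got/want pair cannot be attributed without re-deriving the order; include the index: `t.Errorf("NewInspector() metadata[%d]: got = %v,\n want = %v", idx, gotStrMetadata, wantStrMetadata)`. The positional comparison also assumes NewInspector returns queries in the same order as tt.want.queries; if that order comes from directory walking or a map it could vary between platforms, in which case matching entries by their `id` metadata key would be more robust — confirm against NewInspector, which is outside this hunk. Note too that `gotStrMetadata, err :=` now sits inside a block, so it shadows the outer `err` instead of reusing it as the old code did; harmless here, but the shadow analyzer may flag it. TestNewInspector continues past the hunk.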
@@ -0,0 +1,9 @@
+{
+  "id": "4a3aa2b5-9c87-452c-a3ea-f3e9e3573874",
+  "queryName": "Common Query Test",
+  "severity": "HIGH",
+  "category": "Best Practices",
+  "descriptionText": "",
+  "descriptionUrl": "",
+  "platform": "Common"
+}
diff --git a/test/fixtures/common_query_test/query.rego b/test/fixtures/common_query_test/query.rego
new file mode 100644
index 00000000000..b4ea1df48da
--- /dev/null
+++ b/test/fixtures/common_query_test/query.rego
@@ -0,0 +1,13 @@
+package Cx
+
+CxPolicy[result] {
+	input.document[i]
+
+	result := {
+		"documentId": input.document[i].id,
+		"searchKey": "",
+		"issueType": "RedundantAttribute",
+		"keyExpectedValue": "",
+		"keyActualValue": "",
+	}
+}
diff --git a/test/fixtures/get_queries_test/common_query.rego b/test/fixtures/get_queries_test/common_query.rego
new file mode 100644
index 00000000000..b4ea1df48da
--- /dev/null
+++ b/test/fixtures/get_queries_test/common_query.rego
@@ -0,0 +1,13 @@
+package Cx
+
+CxPolicy[result] {
+	input.document[i]
+
+	result := {
+		"documentId": input.document[i].id,
+		"searchKey": "",
+		"issueType": "RedundantAttribute",
+		"keyExpectedValue": "",
+		"keyActualValue": "",
+	}
+}