Initial commit

Author: rafaelherik

.gitignore

@@ -0,0 +1,80 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+dist/
+build/
+*.egg-info/
+*.egg
+
+# Virtual environments
+venv/
+env/
+.env/
+.venv/
+ENV/
+
+# IDE specific files
+.idea/
+.vscode/
+*.swp
+*.swo
+.DS_Store
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# pyenv
+.python-version
+
+# Logs
+*.log
+
+# Local development settings
+.env
+.env.local
+.env.*.local
+
+# Database files
+*.db
+*.sqlite3
+*.sqlite
+
+# Documentation
+docs/_build/
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# pipenv
+Pipfile.lock
+
+# poetry
+poetry.lock

README.md

@@ -0,0 +1,71 @@
+# TFSumPy - Terraform Plan Analyzer
+
+TFSumPy is a Python-based tool that analyzes Terraform plan files to provide a clear summary of infrastructure changes and identify potential risks. It helps DevOps teams review infrastructure changes more effectively by:
+
+- Summarizing resource changes (create, update, delete)
+- Identifying high and medium risk changes
+- Automatically redacting sensitive information
+- Providing detailed resource-level reporting
+
+## Features
+
+- 🔍 Analyzes Terraform plan JSON output
+- ⚠️ Identifies high-risk changes (deletions of critical resources, security group modifications)
+- 🔒 Automatically redacts sensitive information (credentials, IPs, resource names)
+- 📊 Provides clear summary statistics
+- 🛡️ Supports both pre and post Terraform 0.12 plan formats
+
+## Installation
+
+Currently, TFSumPy can only be installed from source:
+
+```bash
+git clone https://github.com/notry-cloud/tfsumpy.git
+cd tfsumpy
+pip install .
+```
+
+## Usage
+
+```bash
+terraform plan -out=tfplan
+terraform show -json tfplan > plan.json
+````
+
+```bash
+tfsumpy -i plan.json
+
+Infrastructure Change Analysis
+==============================
+Total Changes: 5
+Create: 2
+Update: 2
+Delete: 1
+
+Risk Assessment:
+
+High Risks:
+- High risk: Security-related configuration change
+Medium Risks:
+ - Medium risk: Version change could cause compatibility issues
+Resource Details:
+- CREATE aws_s3_bucket: project-storage-[REDACTED]
+- UPDATE aws_security_group: app-sg-[REDACTED]
+- UPDATE aws_ecs_service: api-service
+- DELETE aws_iam_role: legacy-role
+- CREATE aws_lambda_function: processor-function
+
+```
+
+## Requirements
+
+- Python 3.7 or higher
+- Terraform 0.12 or higher (for plan generation)
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+## License
+
+This project is licensed under the MIT License - see the LICENSE file for details.

samples/sample1.json

@@ -0,0 +1,118 @@
+{
+    "format_version": "1.1",
+    "terraform_version": "1.5.0",
+    "planned_values": {
+      "root_module": {
+        "resources": [
+          {
+            "address": "aws_s3_bucket.example",
+            "mode": "managed",
+            "type": "aws_s3_bucket",
+            "name": "example",
+            "provider_name": "registry.terraform.io/hashicorp/aws",
+            "schema_version": 0,
+            "values": {
+              "bucket": "my-test-bucket",
+              "force_destroy": false,
+              "tags": {
+                "Environment": "Dev",
+                "Name": "My bucket"
+              }
+            }
+          },
+          {
+            "address": "aws_instance.web_server",
+            "mode": "managed",
+            "type": "aws_instance",
+            "name": "web_server",
+            "provider_name": "registry.terraform.io/hashicorp/aws",
+            "schema_version": 1,
+            "values": {
+              "ami": "ami-0c55b159cbfafe1f0",
+              "instance_type": "t2.micro",
+              "tags": {
+                "Name": "WebServer"
+              }
+            }
+          }
+        ]
+      }
+    },
+    "resource_changes": [
+      {
+        "address": "aws_s3_bucket.example",
+        "mode": "managed",
+        "type": "aws_s3_bucket",
+        "name": "example",
+        "provider_name": "registry.terraform.io/hashicorp/aws",
+        "change": {
+          "actions": [
+            "create"
+          ],
+          "before": null,
+          "after": {
+            "bucket": "my-test-bucket",
+            "force_destroy": false,
+            "tags": {
+              "Environment": "Dev",
+              "Name": "My bucket"
+            }
+          }
+        }
+      },
+      {
+        "address": "aws_instance.web_server",
+        "mode": "managed",
+        "type": "aws_instance",
+        "name": "web_server",
+        "provider_name": "registry.terraform.io/hashicorp/aws",
+        "change": {
+          "actions": [
+            "update"
+          ],
+          "before": {
+            "ami": "ami-0c55b159cbfafe1f0",
+            "instance_type": "t2.nano",
+            "tags": {
+              "Name": "WebServer"
+            }
+          },
+          "after": {
+            "ami": "ami-0c55b159cbfafe1f0",
+            "instance_type": "t2.micro",
+            "tags": {
+              "Name": "WebServer"
+            }
+          }
+        }
+      },
+      {
+        "address": "aws_security_group.obsolete",
+        "mode": "managed",
+        "type": "aws_security_group",
+        "name": "obsolete",
+        "provider_name": "registry.terraform.io/hashicorp/aws",
+        "change": {
+          "actions": [
+            "delete"
+          ],
+          "before": {
+            "description": "Obsolete security group",
+            "name": "obsolete-sg",
+            "tags": {
+              "Name": "ObsoleteSG"
+            }
+          },
+          "after": null
+        }
+      }
+    ],
+    "configuration": {
+      "provider_config": {
+        "aws": {
+          "name": "aws",
+          "version_constraint": "~> 4.0"
+        }
+      }
+    }
+  }

setup.py

@@ -0,0 +1,33 @@
+from setuptools import setup, find_packages
+
+setup(
+    name='tfsumpy',
+    version='0.0.1-alpha',
+    description='A Python tool for Terraform state summary and analysis',
+    long_description=open('README.md').read(),
+    long_description_content_type='text/markdown',
+    author='Notry',
+    author_email='[email protected]',
+    url='https://github.com/notry-cloud/tfsumpy',
+    packages=find_packages(),
+    entry_points={
+        'console_scripts': [
+            'tfsumpy=tfsumpy.__main__:main'
+        ]
+    },
+    python_requires='>=3.10',
+    install_requires=[
+        # Add your dependencies here
+    ],
+    classifiers=[
+        'Development Status :: 3 - Alpha',
+        'Intended Audience :: Developers',
+        'License :: OSI Approved :: MIT License',
+        'Programming Language :: Python :: 3.10',
+        'Programming Language :: Python :: 3.11',
+        'Programming Language :: Python :: 3.12',
+        'Topic :: Software Development :: Build Tools',
+        'Topic :: System :: Systems Administration',
+    ],
+    keywords='terraform, infrastructure, cloud, DevOps',
+)   

tfsumpy/__init__.py

@@ -0,0 +1,6 @@
+from .plan_analyzer import LocalPlanAnalyzer
+from .resource import ResourceChange
+
+__version__ = '0.1.0'
+
+__all__ = ['LocalPlanAnalyzer', 'ResourceChange']

tfsumpy/__main__.py

@@ -0,0 +1,28 @@
+import logging
+import argparse
+from .plan_analyzer import LocalPlanAnalyzer
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+def main():
+    # Add argument parser
+    parser = argparse.ArgumentParser(description='Analyze Terraform plan file')
+    parser.add_argument('-i', '--input', 
+                       required=True,
+                       help='Path to the plan file to analyze')
+    
+    args = parser.parse_args()
+    
+    analyzer = LocalPlanAnalyzer()
+    try:
+        report = analyzer.generate_report(args.input)
+        analyzer.print_report(report)
+    except FileNotFoundError:
+        logger.error("Plan file not found")
+    except Exception as e:
+        logger.error(f"Processing failed: {str(e)}")
+
+if __name__ == "__main__":
+    main()