feat(general): Allow skipping multiple checks in a single line

[shoshiGit]

User description

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

This pull request enhances Checkov to support skipping multiple checks in a single line for Terraform configurations. Currently, individual skip comments are required for each check, which can be cumbersome. This enhancement allows specifying multiple checks to skip in a single line.

Fixes # #5381

Changes made:

Added functionality to parse multiple checks in the checkov:skip comment.
Updated documentation to reflect the new capability.

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my feature, policy, or fix is effective and works
• New and existing tests pass locally with my changes

---

Generated description

Below is a concise technical summary of the changes proposed in this PR:

Enhances Checkov to support skipping multiple checks in a single line for Terraform configurations. Modifies the comment parsing logic in checkov/common/comment/enum.py and checkov/terraform/context_parsers/base_parser.py to allow multiple check IDs in a single skip comment. Adds new test cases in tests/terraform/checks/a_example_skip/main.tf and tests/terraform/checks/test_multiple_skips.py to verify the new functionality.

Topic	Details
Testing	Adds test cases to verify the new multiple skip functionality Modified files (2) tests/terraform/checks/test_multiple_skips.py tests/terraform/checks/a_example_skip/main.tf Latest Contributors(0) User Commit Date
Multiple Skip Support	Implements the ability to skip multiple checks in a single line comment for Terraform configurations Modified files (2) checkov/terraform/context_parsers/base_parser.py checkov/common/comment/enum.py Latest Contributors(2) User Commit Date RabeaZr feat-general-add-corte... December 16, 2024 tazuri@paloaltonetwork... feat-terraform-Add-mul... December 05, 2024

This pull request is reviewed by Baz. Join @shoshiGit and the rest of your team on (Baz).

[ChanochShayner]

Very Nice! 🥇

[ChanochShayner]

Suggested change

	test_files_dir = Path(__file__).parent / "a example skip"
	test_files_dir = Path(__file__).parent / "a_example_skip"

Please use one word in the file names.

[ChanochShayner]

Please assert the skipped part in the reports by resource -
We want to be sure default and skip_invalid are with one skip, and skip_more_than_one is with 2 skips.

[ChanochShayner]

It would be great if you could create another resource that we are skipping multiple checks (maybe all the checks that the resource should fail on).

[ChanochShayner]

Another point -
Please do the new regex and comment extraction behind an environment variable -

should_allow_multi_checks_skip = strtobool(os.getenv('CHECKOV_ALLOW_SKIP_MULTIPLE_ONE_LINE', 'False'))

And do every change by condition if should_allow_multi_checks_skip is True.

[ChanochShayner]

Suggested change

	should_allow_multi_checks_skip = bool(os.getenv('CHECKOV_ALLOW_SKIP_MULTIPLE_ONE_LINE', 'False'))
	should_allow_multi_checks_skip = strtobool(os.getenv('CHECKOV_ALLOW_SKIP_MULTIPLE_ONE_LINE', 'False'))

bool('False') equal to True.

[MaryArmaly]

Hey @shoshiGit,
Could you please solve the conflicts so we can move on with this PR? Thanks!

[MaryArmaly]

Hey @shoshiGit,
We noticed that this PR has already been resolved by: #6860
Could you please close this PR if that's the case?
Thank you!