chore(terraform): remove os.OpenPath call from terraform file functions (#8737)

Author: Emyrk

pkg/iac/scanners/terraform/parser/funcs/filesystem.go

@@ -368,10 +368,11 @@ func openFile(target fs.FS, baseDir, path string) (fs.File, error) {
 	// Trivy uses a virtual file system
 	path = filepath.ToSlash(path)
 
-	if target != nil {
-		return target.Open(path)
+	if target == nil {
+		return nil, fmt.Errorf("open file %q, filesystem is nil", path)
 	}
-	return os.Open(path)
+
+	return target.Open(path)
 }
 
 func readFileBytes(target fs.FS, baseDir, path string) ([]byte, error) {

pkg/iac/scanners/terraform/parser/parser.go

@@ -143,7 +143,9 @@ func (p *Parser) ParseFile(_ context.Context, fullPath string) error {
 
 // ParseFS parses a root module, where it exists at the root of the provided filesystem
 func (p *Parser) ParseFS(ctx context.Context, dir string) error {
-
+	if p.moduleFS == nil {
+		return errors.New("module filesystem is nil, nothing to parse")
+	}
 	dir = path.Clean(dir)
 
 	if p.projectRoot == "" {

pkg/iac/scanners/terraform/parser/parser_test.go

@@ -2428,6 +2428,14 @@ func TestLoadChildModulesFromLocalCache(t *testing.T) {
 	assert.Contains(t, buf.String(), "Using module from Terraform cache .terraform/modules\tsource=\"../level_3\"")
 }
 
+func TestNilParser(t *testing.T) {
+	parser := New(
+		nil, "",
+	)
+	err := parser.ParseFS(t.Context(), ".")
+	require.Error(t, err)
+}
+
 func TestLogParseErrors(t *testing.T) {
 	var buf bytes.Buffer
 	slog.SetDefault(slog.New(log.NewHandler(&buf, nil)))