fix unit tests and some more rego linting problems

assets/queries/ansible/aws/aws_password_policy_with_unchangeable_passwords/query.rego

@@ -22,9 +22,12 @@ CxPolicy[result] {
 	}
 }
 
-issueType(str) = "MissingAttribute" {
-	str == ""
-} else = "IncorrectValue"
+issueType(str) = issueType {
+    issueType = "MissingAttribute"
+    str == ""
+} else = issueType {
+    issueType = "IncorrectValue"
+}
 
 checkAllowPass(pwPolicy) = ".allow_pw_change" {
 	ansLib.isAnsibleFalse(pwPolicy.allow_pw_change)

assets/queries/ansible/aws/password_without_reuse_prevention/query.rego

@@ -25,7 +25,7 @@ CxPolicy[result] {
 issueType("") = "MissingAttribute"
 
 issueType(str) = "IncorrectValue" {
-    str != ""
+	str != ""
 }
 
 checkPwReusePrevent(pwPolicy) = ".password_reuse_prevent" {

assets/queries/azureResourceManager/storage_logging_for_read_write_delete_requests_disabled/query.rego

@@ -5,7 +5,7 @@ import future.keywords.in
 
 CxPolicy[result] {
 	cats := ["StorageRead", "StorageWrite", "StorageDelete"]
-	
+
 	some doc in input.document
 	[path, value] = walk(doc)
 

assets/queries/cloudFormation/aws/api_gateway_xray_disabled/query.rego

@@ -39,6 +39,6 @@ CxPolicy[result] {
 	}
 }
 
-isResFalse("false") = true 
+isResFalse("false") = true
 
 isResFalse(false) = true

assets/queries/cloudFormation/aws/cdn_configuration_is_missing/query.rego

@@ -44,6 +44,6 @@ CxPolicy[result] {
 	}
 }
 
-isFalse(false) = true 
+isFalse(false) = true
 
 isFalse("false") = true

assets/queries/cloudFormation/aws/msk_cluster_encryption_disabled/query.rego

@@ -63,4 +63,4 @@ CxPolicy[result] {
 
 isResFalse("false") = true
 
-isResFalse(false) = true 
+isResFalse(false) = true

assets/queries/cloudFormation/aws/unscanned_ecr_image/query.rego

@@ -42,6 +42,6 @@ CxPolicy[result] {
 	}
 }
 
-isResFalse("false") = true 
+isResFalse("false") = true
 
 isResFalse(false) = true

assets/queries/cloudFormation/aws/vulnerable_default_ssl_certificate/query.rego

@@ -47,7 +47,7 @@ CxPolicy[result] {
 	}
 }
 
-isAttrTrue("true") = true 
+isAttrTrue("true") = true
 
 isAttrTrue(true) = true
 

assets/queries/dockerfile/update_instruction_alone/query.rego

@@ -47,7 +47,7 @@ CxPolicy[result] {
 	install := [x | x := getDetail(commandRefactor, pkg_installer[packageManager][_]); count(x) > 0]
 	count(install) == 0
 
-	#Check if any of the next commands is RUN install Command and there is not Update Command
+	# Check if any of the next commands is RUN install Command and there is not Update Command
 	nextResources := array.slice(doc.command[name], n + 1, count(doc.command[name]))
 	nextResource := nextResources[_]
 	nextCommandRefactor := getRunCommand(nextResource)
@@ -110,9 +110,7 @@ getRunCommand(resource) = commandRefactor {
 	commandRefactor := [x | x := commandList[_]; x != ""]
 }
 
-getDetail(commandRefactor, value) = list {
-	list := [u | commandRefactor[u] == value]
-}
+getDetail(commandRefactor, value) := [u | commandRefactor[u] == value]
 
 checkFollowedBy(first, after) {
 	first[_] < after[_]

assets/queries/k8s/missing_app_armor_config/query.rego

@@ -2,6 +2,7 @@ package Cx
 
 import data.generic.common as common_lib
 import data.generic.k8s as k8sLib
+import future.keywords.in
 
 types := {"initContainers", "containers"}
 
@@ -17,14 +18,14 @@ getMetadataInfo(document) = metadataInfo {
 	metadataInfo := {"metadata": metadata, "path": ""}
 }
 
+isValidAppArmorProfile("runtime/default") = true
+
 isValidAppArmorProfile(profile) {
-	profile == "runtime/default"
-} else {
 	startswith(profile, "localhost/")
 }
 
 CxPolicy[result] {
-	document := input.document[i]
+	some document in input.document
 	metadata := document.metadata
 
 	specInfo := k8sLib.getSpecInfo(document)
@@ -49,7 +50,7 @@ CxPolicy[result] {
 }
 
 CxPolicy[result] {
-	document := input.document[i]
+	some document in input.document
 	metadata := document.metadata
 
 	specInfo := k8sLib.getSpecInfo(document)

assets/queries/openAPI/general/paths_object_empty/query.rego

@@ -25,7 +25,7 @@ CxPolicy[result] {
 
 # In yaml an empty object is parsed into null
 check_paths_object(paths) {
-    paths == null
+	paths == null
 } else {
-    count(paths) == 0
+	count(paths) == 0
 }

assets/queries/openAPI/general/type_has_invalid_keyword/query.rego

@@ -2,6 +2,7 @@ package Cx
 
 import data.generic.common as common_lib
 import data.generic.openapi as openapi_lib
+import future.keywords.in
 
 specificKeywords := {
 	"numeric": ["multipleOf", "maximum", "minimum", "exclusiveMaximum", "exclusiveMinimum"],
@@ -11,7 +12,7 @@ specificKeywords := {
 }
 
 CxPolicy[result] {
-	doc := input.document[i]
+	some doc in input.document
 	version := openapi_lib.check_openapi(doc)
 	version != "undefined"
 

assets/queries/terraform/aws/docdb_logging_disabled/query.rego

@@ -62,5 +62,5 @@ CxPolicy[result] {
 }
 
 exist(obj, key) {
-	key in obj
+	_ = obj[key]
 }

assets/queries/terraform/aws/mq_broker_logging_disabled/query.rego

@@ -65,5 +65,5 @@ CxPolicy[result] {
 }
 
 has_key(obj, key) {
-	key in obj
+	_ = obj[key]
 }

assets/queries/terraform/aws/msk_cluster_encryption_disabled/query.rego

@@ -1,14 +1,16 @@
 package Cx
 
 import data.generic.terraform as tf_lib
+import future.keywords.in
 
 CxPolicy[result] {
-	msk_cluster := input.document[i].resource.aws_msk_cluster[name]
+	some doc in input.document
+	msk_cluster := doc.resource.aws_msk_cluster[name]
 	problems := checkEncryption(msk_cluster)
 	problems != "none"
 
 	result := {
-		"documentId": input.document[i].id,
+		"documentId": doc.id,
 		"resourceType": "aws_msk_cluster",
 		"resourceName": tf_lib.get_specific_resource_name(msk_cluster, "aws_msk_cluster", name),
 		"searchKey": getSearchKey(problems, name),
@@ -42,6 +44,9 @@ getSearchKey(problems, name) = str {
 	str := concat("", [defaultSearchValue, problems])
 }
 
-getIssueType(problems) = "MissingAttribute" {
+getIssueType(problems) = issueType {
+	issueType = "MissingAttribute"
 	problems == ""
-} else = "IncorrectValue"
+} else = issueType {
+	issueType = "IncorrectValue"
+}

assets/queries/terraform/aws/neptune_logging_disabled/query.rego

@@ -61,5 +61,5 @@ CxPolicy[result] {
 }
 
 exist(obj, key) {
-	key in obj
+	_ = obj[key]
 }

assets/queries/terraform/azure/default_azure_storage_account_network_access_is_too_permissive/query.rego

@@ -127,5 +127,5 @@ aclsDefaultActionAllow(network_rules) = reason {
 }
 
 has_key(x, k) {
-	some k in x
+	k in x
 }