Adds: dir scan errors in human readable output format #1196

Merged

Rchanger (Contributor) commented Mar 23, 2022

Now the human-readable (default) output format will also include the scan errors.

Example of output with errors.

Scan Errors - 

	IaC Type            :	arm
	Directory           :	/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	Error Message       :	ARM files not found in the directory /terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	
	-----------------------------------------------------------------------
	
	IaC Type            :	docker
	Directory           :	/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	Error Message       :	Dockerfile not found in the directory /terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	
	-----------------------------------------------------------------------
	
	IaC Type            :	cft
	Directory           :	/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	Error Message       :	error while loading iac file '/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation/config.yaml', err: failed to find valid Resources key in file: /terrascan/test/e2e/test_data/iac/aws/aws_ami_violation/config.yaml
	
	-----------------------------------------------------------------------
	
	IaC Type            :	kustomize
	Directory           :	/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	Error Message       :	kustomization.y(a)ml file not found in the directory /terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	
	-----------------------------------------------------------------------
	
	IaC Type            :	helm
	Directory           :	/Users/suvarna/go/src/github.com/rchanger/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	Error Message       :	no helm charts found in directory /Users/suvarna/go/src/github.com/rchanger/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	
	-----------------------------------------------------------------------
	
	

Violation Details -
    
	Description    :	Enable AWS AMI Encryption
	File           :	main.tf
	Module Name    :	root
	Plan Root      :	./
	Line           :	5
	Severity       :	MEDIUM
	
	-----------------------------------------------------------------------
	
	Description    :	TLS disabled can affect the confidentiality of the data in transit
	File           :	config.yaml
	Line           :	1
	Severity       :	HIGH
	
	-----------------------------------------------------------------------
	

Scan Summary -

	File/Folder         :	/Users/suvarna/go/src/github.com/rchanger/terrascan/test/e2e/test_data/iac/aws/aws_ami_violation
	IaC Type            :	k8s,terraform
	Scanned At          :	2022-03-25 06:53:32.16055 +0000 UTC
	Policies Validated  :	8
	Violated Policies   :	2
	Low                 :	0
	Medium              :	1
	High                :	1
	

Rchanger requested a review from a team as a code owner March 23, 2022 11:42
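
A small parser for the `Scan Errors -` section shown in the description above, added here as an example and not part of this PR or of terrascan's code base. The sample report is constructed, and treating the `error while loading iac file` prefix as the marker for a file that was found but not scanned is an assumption drawn from that sample output.

```go
package main

import (
	"fmt"
	"strings"
)

type ScanError struct{ IaCType, Directory, Message string } // one "Scan Errors -" record

// LoadFailure: a file was found but not parsed (prefix is an assumption from the sample).
func (e ScanError) LoadFailure() bool {
	return strings.HasPrefix(e.Message, "error while loading iac file")
}

// ParseScanErrors reads only the "Scan Errors -" section; "Scan Summary -" reuses the "IaC Type" key.
func ParseScanErrors(report string) (out []ScanError) {
	inSection := false
	for _, raw := range strings.Split(report, "\n") {
		line := strings.TrimSpace(raw)
		key, val, ok := strings.Cut(line, ":")
		key, val = strings.TrimSpace(key), strings.TrimSpace(val)
		switch {
		case !ok && strings.HasSuffix(line, " -"): // section header, not a dashed separator
			inSection = line == "Scan Errors -"
		case !inSection || !ok:
		case key == "IaC Type":
			out = append(out, ScanError{IaCType: val})
		case len(out) > 0 && key == "Directory":
			out[len(out)-1].Directory = val
		case len(out) > 0 && key == "Error Message":
			out[len(out)-1].Message = val
		}
	}
	return out
}

// sample is constructed for this example, modelled on the output in the PR description.
const sample = `Scan Errors -
	IaC Type            :	docker
	Directory           :	/repo/iac
	Error Message       :	Dockerfile not found in the directory /repo/iac
	-----------------------------------------------------------------------
	IaC Type            :	cft
	Directory           :	/repo/iac
	Error Message       :	error while loading iac file '/repo/iac/config.yaml', err: failed to find valid Resources key in file: /repo/iac/config.yaml
Scan Summary -
	IaC Type            :	k8s,terraform
`

func main() { fmt.Printf("%+v\n", ParseScanErrors(sample)) }
```

A CI step could fail the build only when some record reports `LoadFailure()`, since that is the case where a file in the directory went unscanned.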
codecov bot commented Mar 23, 2022

Codecov Report

Merging #1196 (e574c31) into master (d2cf489) will decrease coverage by 0.05%.
The diff coverage is 72.09%.

@@            Coverage Diff             @@
##           master    #1196      +/-   ##
==========================================
- Coverage   77.82%   77.77%   -0.06%     
==========================================
  Files         272      272              
  Lines        7643     7675      +32     
==========================================
+ Hits         5948     5969      +21     
- Misses       1345     1353       +8     
- Partials      350      353       +3     

| Impacted Files | Coverage Δ |
|---|---|
| pkg/iac-providers/kubernetes/v1/types.go | 100.00% <ø> (ø) |
| pkg/iac-providers/kustomize/commons/load-dir.go | 57.89% <ø> (-0.34%) ⬇️ |
| pkg/iac-providers/kustomize/v2/load-dir.go | 0.00% <0.00%> (ø) |
| pkg/iac-providers/kustomize/v3/load-dir.go | 0.00% <0.00%> (ø) |
| pkg/iac-providers/terraform/v12/load-dir.go | 66.66% <0.00%> (-33.34%) ⬇️ |
| pkg/iac-providers/tfplan/v1/load-dir.go | 50.00% <0.00%> (-50.00%) ⬇️ |
| pkg/iac-providers/kubernetes/v1/load-dir.go | 65.38% <25.00%> (-7.35%) ⬇️ |
| pkg/iac-providers/cft/v1/load-dir.go | 84.21% <40.00%> (-15.79%) ⬇️ |
| pkg/runtime/executor.go | 90.69% <81.81%> (-0.77%) ⬇️ |
| pkg/iac-providers/arm/v1/load-dir.go | 69.49% <100.00%> (+2.21%) ⬆️ |

... and 6 more

cesar-rodriguez (Contributor)

Can we also change the dockerfile warning so that it's displayed as part of these errors? Maybe a separate warning section, as it's actually not an error.

cesar-rodriguez (Contributor) commented Mar 24, 2022

Also, in the scan summary can we add which IaC types were discovered?

Rchanger force-pushed the direrr_in_human_readable_output branch 2 times, most recently from 64eceeb to 2032904 Compare March 25, 2022 06:49

cesar-rodriguez previously approved these changes Apr 1, 2022

sonarcloud bot commented Apr 1, 2022

Kudos, SonarCloud Quality Gate passed!

Bugs: 0 (rating A)
Vulnerabilities: 0 (rating A)
Security Hotspots: 0 (rating A)
Code Smells: 0 (rating A)

No Coverage information
0.0% Duplication

patilpankaj212 merged commit a59fc2b into tenable:master Apr 1, 2022