Server mode: take file extension from uploaded file #593

Merged
merged 1 commit into from
Mar 9, 2021

@jlk jlk commented Mar 9, 2021

Changes to take temp file extension from uploaded file so we can support more than .tf when in server mode.

Alternately - I was thinking of adding GetDefaultExtension() to each of the iac-providers and then naming the temp file based on the iac type passed. That might be a little more secure, but not by very much. Gimme thoughts...

This adds support for scanning yml, json, etc.
Slight security issue here taking file type from caller, but that issue already exists
and I haven't fully evaluated the risk there...

sonarcloud bot commented Mar 9, 2021

Kudos, SonarCloud Quality Gate passed!

0 Bugs (rating A)
0 Vulnerabilities (rating A)
0 Security Hotspots (rating A)
0 Code Smells (rating A)

No Coverage information
0.0% Duplication


codecov bot commented Mar 9, 2021

Codecov Report

Merging #593 (eb11cfe) into master (4df6ce6) will increase coverage by 0.02%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master     #593      +/-   ##
==========================================
+ Coverage   77.65%   77.68%   +0.02%     
==========================================
  Files         102      102              
  Lines        2524     2527       +3     
==========================================
+ Hits         1960     1963       +3     
  Misses        420      420              
  Partials      144      144              
| Impacted Files | Coverage Δ |
|---|---|
| pkg/http-server/file-scan.go | 74.03% <100.00%> (+0.77%) ⬆️ |

@patilpankaj212 patilpankaj212 left a comment

LGTM!!

@kanchwala-yusuf

> I was thinking of adding GetDefaultExtension() to each of the iac-providers and then naming the temp file based on the iac type passed.

It is a good idea to add extensions based on iac-type. But, the changes in the current PR look good to me. We can add extensions based on iac-types if the current implementation fails for some scenario.
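
The two options discussed in this thread (extension taken from the uploaded file, or a default per IaC type) can be combined by allowlisting the caller's extension per type. This is an added example, not terrascan's code: `allowedExt`, `tempExt`, `saveUpload` and the extension table are hypothetical.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// allowedExt (constructed, illustrative): accepted extensions per IaC type, default first.
var allowedExt = map[string][]string{
	"terraform": {".tf"},
	"k8s":       {".yaml", ".yml", ".json"},
}

// tempExt keeps the caller's extension only if allowlisted for iacType, else the default.
func tempExt(iacType, uploadName string) (string, error) {
	exts, ok := allowedExt[iacType]
	if !ok {
		return "", fmt.Errorf("unsupported iac type %q", iacType)
	}
	got := strings.ToLower(filepath.Ext(uploadName))
	for _, e := range exts {
		if got == e {
			return e, nil
		}
	}
	return exts[0], nil
}

// saveUpload names the temp file itself; only the validated extension comes from the caller.
func saveUpload(iacType, uploadName string, data []byte) (string, error) {
	ext, err := tempExt(iacType, uploadName)
	if err != nil {
		return "", err
	}
	f, err := os.CreateTemp("", "scan-*"+ext)
	if err != nil {
		return "", err
	}
	defer f.Close()
	_, err = f.Write(data)
	return f.Name(), err
}

func main() {
	p, err := saveUpload("k8s", "../../deploy.YML", []byte("kind: Pod\n"))
	fmt.Println(p, err)
	os.Remove(p)
}
```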

@kanchwala-yusuf kanchwala-yusuf merged commit 9546bcc into tenable:master Mar 9, 2021
kanchwala-yusuf pushed a commit to kanchwala-yusuf/terrascan that referenced this pull request Mar 9, 2021
@jlk jlk deleted the fix-yaml-upload branch March 10, 2021 18:48