Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(general): update checks_metadata structure #3929

Merged
merged 4 commits into from
Nov 24, 2022

Conversation

arielkru
Copy link
Contributor

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

check_meatada.json should be a dict of resourceIds as keys, with each of the resourceIds containing a dict with check_ids as keys and the metadata as values.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

Copy link
Contributor

@marynaKK marynaKK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

had 2 comments :) 🍒
Also, a Q as I do not fully understand - are the resource_id the same as the one we are changing in places like gha, azure pipelines, IR? if they are - they are different from the id that is used here. Is this an issue?

checkov/common/bridgecrew/wrapper.py Outdated Show resolved Hide resolved
checkov/common/bridgecrew/wrapper.py Outdated Show resolved Hide resolved
@arielkru
Copy link
Contributor Author

had 2 comments :) 🍒 Also, a Q as I do not fully understand - are the resource_id the same as the one we are changing in places like gha, azure pipelines, IR? if they are - they are different from the id that is used here. Is this an issue?

@marynaKK good q, it shouldn't be an issue because the resourceId here doesnt change the resourceIds in the reports, it just fits the way we expect resource keys to appear in the checks_metadata.json file.
So for example an azure_pipelines resource is saved under the key: /azure-pipelines.yaml:jobs[0](FailTag) and that's ok

@arielkru arielkru merged commit cca52ea into master Nov 24, 2022
@arielkru arielkru deleted the update-checks-metadata-structure branch November 24, 2022 10:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants