github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

control scan by id

Browse Source
This commit is contained in:
kooomix
2022-12-14 13:42:52 +02:00
parent 16073d6872
commit 3a404f29fa
3 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
core/cautils/scaninfo.go
View File

@@ -94,7 +94,8 @@ const (
) )
type PolicyIdentifier struct { type PolicyIdentifier struct {
Name string // policy name e.g. nsa,mitre,c-0012 ID string // policy ID e.g. c-0012 - relevant only to kind=control
Name string // policy name e.g. nsa,mitre
Kind apisv1.NotificationPolicyKind // policy kind e.g. Framework,Control,Rule Kind apisv1.NotificationPolicyKind // policy kind e.g. Framework,Control,Rule
Designators armotypes.PortalDesignator Designators armotypes.PortalDesignator
} }
@@ -214,7 +215,13 @@ func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind apisv1.No
if !scanInfo.contains(policy) { if !scanInfo.contains(policy) {
newPolicy := PolicyIdentifier{} newPolicy := PolicyIdentifier{}
newPolicy.Kind = kind newPolicy.Kind = kind
newPolicy.Name = policy // control can be identified only by it's id.
if kind == apisv1.KindControl {
newPolicy.ID = policy
} else {
newPolicy.Name = policy
}
scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy) scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
} }
} }

6
core/pkg/policyhandler/handlepullpolicies.go
View File

@@ -73,15 +73,15 @@ func (policyHandler *PolicyHandler) getScanPolicies(policyIdentifier []cautils.P
f := reporthandling.Framework{} f := reporthandling.Framework{}
var receivedControl *reporthandling.Control var receivedControl *reporthandling.Control
var err error var err error
for _, rule := range policyIdentifier { for _, policy := range policyIdentifier {
receivedControl, err = policyHandler.getters.PolicyGetter.GetControl(rule.Name) receivedControl, err = policyHandler.getters.PolicyGetter.GetControl(policy.ID)
if err != nil { if err != nil {
return frameworks, policyDownloadError(err) return frameworks, policyDownloadError(err)
} }
if receivedControl != nil { if receivedControl != nil {
f.Controls = append(f.Controls, *receivedControl) f.Controls = append(f.Controls, *receivedControl)
cache := getter.GetDefaultPath(rule.Name + ".json") cache := getter.GetDefaultPath(policy.ID + ".json")
if err := getter.SaveInFile(receivedControl, cache); err != nil { if err := getter.SaveInFile(receivedControl, cache); err != nil {
logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err)) logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
} }

6
smoke_testing/test_scan.py
View File

@@ -48,9 +48,9 @@ def run(kubescape_exec: str):
# msg = scan_all(kubescape_exec=kubescape_exec) # msg = scan_all(kubescape_exec=kubescape_exec)
# smoke_utils.assertion(msg) # smoke_utils.assertion(msg)
print("Testing scan control name") # print("Testing scan control name")
msg = scan_control_name(kubescape_exec=kubescape_exec) # msg = scan_control_name(kubescape_exec=kubescape_exec)
smoke_utils.assertion(msg) # smoke_utils.assertion(msg)
print("Testing scan control id") print("Testing scan control id")
msg = scan_control_id(kubescape_exec=kubescape_exec) msg = scan_control_id(kubescape_exec=kubescape_exec)