Merge branch 'dev' into dev

fix ControlsInputsGetter init
2026-04-15 06:58:11 +00:00 · 2021-12-26 14:43:06 +02:00 · 2021-12-23 17:39:49 +02:00 · 2021-12-23 17:31:23 +02:00 · 2021-12-23 16:48:29 +02:00 · 2021-12-23 10:33:23 +02:00
12 changed files with 52 additions and 31 deletions
--- a/cautils/display.go
+++ b/cautils/display.go
@@ -35,15 +35,15 @@ func ScanStartDisplay() {
 	if IsSilent() {
 		return
 	}
-	InfoDisplay(os.Stdout, "ARMO security scanner starting\n")
+	InfoDisplay(os.Stderr, "ARMO security scanner starting\n")
 }

 func SuccessTextDisplay(str string) {
 	if IsSilent() {
 		return
 	}
-	SuccessDisplay(os.Stdout, "[success] ")
-	SimpleDisplay(os.Stdout, fmt.Sprintf("%s\n", str))
+	SuccessDisplay(os.Stderr, "[success] ")
+	SimpleDisplay(os.Stderr, fmt.Sprintf("%s\n", str))

 }

@@ -60,8 +60,8 @@ func ProgressTextDisplay(str string) {
 	if IsSilent() {
 		return
 	}
-	InfoDisplay(os.Stdout, "[progress] ")
-	SimpleDisplay(os.Stdout, fmt.Sprintf("%s\n", str))
+	InfoDisplay(os.Stderr, "[progress] ")
+	SimpleDisplay(os.Stderr, fmt.Sprintf("%s\n", str))

 }
 func StartSpinner() {
--- a/cautils/getter/downloadreleasedpolicy.go
+++ b/cautils/getter/downloadreleasedpolicy.go
@@ -41,7 +41,19 @@ func (drp *DownloadReleasedPolicy) GetFramework(name string) (*reporthandling.Fr
 	return framework, err
 }

+func (drp *DownloadReleasedPolicy) GetControlsInputs(customerGUID, clusterName string) (map[string][]string, error) {
+	defaultConfigInputs, err := drp.gs.GetDefaultConfigInputs()
+	if err != nil {
+		return nil, err
+	}
+	return defaultConfigInputs.Settings.PostureControlInputs, err
+}
+
 func (drp *DownloadReleasedPolicy) SetRegoObjects() error {
+	fwNames, err := drp.gs.GetOPAFrameworksNamesList()
+	if len(fwNames) != 0 && err == nil {
+		return nil
+	}
 	return drp.gs.SetRegoObjects()
 }

--- a/cautils/scaninfo.go
+++ b/cautils/scaninfo.go
@@ -77,7 +77,6 @@ type Getters struct {
 func (scanInfo *ScanInfo) Init() {
 	scanInfo.setUseFrom()
 	scanInfo.setUseExceptions()
-	scanInfo.setAccountConfig()
 	scanInfo.setOutputFile()

 }
@@ -91,14 +90,6 @@ func (scanInfo *ScanInfo) setUseExceptions() {
 	}
 }

-func (scanInfo *ScanInfo) setAccountConfig() {
-	if scanInfo.ControlsInputs != "" {
-		// load account config from file
-		scanInfo.ControlsInputsGetter = getter.NewLoadPolicy([]string{scanInfo.ControlsInputs})
-	} else {
-		scanInfo.ControlsInputsGetter = getter.GetArmoAPIConnector()
-	}
-}
 func (scanInfo *ScanInfo) setUseFrom() {
 	if scanInfo.UseDefault {
 		for _, policy := range scanInfo.PolicyIdentifier {
--- a/cautils/versioncheck.go
+++ b/cautils/versioncheck.go
@@ -22,7 +22,7 @@ type IVersionCheckHandler interface {

 func NewIVersionCheckHandler() IVersionCheckHandler {
 	if BuildNumber == "" {
-		WarningDisplay(os.Stdout, "Warning: unknown build number, this might affect your scan results. Please make sure you are updated to latest version.\n")
+		WarningDisplay(os.Stderr, "Warning: unknown build number, this might affect your scan results. Please make sure you are updated to latest version.\n")
 	}
 	if v, ok := os.LookupEnv(SKIP_VERSION_CHECK); ok && pkgutils.StringToBool(v) {
 		return NewVersionCheckHandlerMock()
--- a/clihandler/initcli.go
+++ b/clihandler/initcli.go
@@ -7,6 +7,7 @@ import (

 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/cautils/getter"
 	"github.com/armosec/kubescape/clihandler/cliinterfaces"
 	"github.com/armosec/kubescape/hostsensorutils"
 	"github.com/armosec/kubescape/opaprocessor"
@@ -85,8 +86,10 @@ func ScanCliSetup(scanInfo *cautils.ScanInfo) error {
 	interfaces.report.SetClusterName(interfaces.tenantConfig.GetClusterName())
 	interfaces.report.SetCustomerGUID(interfaces.tenantConfig.GetCustomerGUID())

+	downloadReleasedPolicy := getter.NewDownloadReleasedPolicy() // download config inputs from github release
 	// set policy getter only after setting the customerGUID
-	setPolicyGetter(scanInfo, interfaces.tenantConfig.GetCustomerGUID())
+	setPolicyGetter(scanInfo, interfaces.tenantConfig.GetCustomerGUID(), downloadReleasedPolicy)
+	setConfigInputsGetter(scanInfo, interfaces.tenantConfig.GetCustomerGUID(), downloadReleasedPolicy)

 	defer func() {
 		if err := interfaces.hostSensorHandler.TearDown(); err != nil {
--- a/clihandler/initcliutils.go
+++ b/clihandler/initcliutils.go
@@ -136,25 +136,40 @@ func setSubmitBehavior(scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenantC
 }

 // setPolicyGetter set the policy getter - local file/github release/ArmoAPI
-func setPolicyGetter(scanInfo *cautils.ScanInfo, customerGUID string) {
+func setPolicyGetter(scanInfo *cautils.ScanInfo, customerGUID string, downloadReleasedPolicy *getter.DownloadReleasedPolicy) {
 	if len(scanInfo.UseFrom) > 0 {
 		scanInfo.PolicyGetter = getter.NewLoadPolicy(scanInfo.UseFrom)
 	} else {
 		if customerGUID == "" || !scanInfo.FrameworkScan {
-			setDownloadReleasedPolicy(scanInfo)
+			setDownloadReleasedPolicy(scanInfo, downloadReleasedPolicy)
 		} else {
 			setGetArmoAPIConnector(scanInfo, customerGUID)
 		}
 	}
 }

-func setDownloadReleasedPolicy(scanInfo *cautils.ScanInfo) {
-	g := getter.NewDownloadReleasedPolicy()    // download policy from github release
-	if err := g.SetRegoObjects(); err != nil { // if failed to pull policy, fallback to cache
-		cautils.WarningDisplay(os.Stdout, "Warning: failed to get policies from github release, loading policies from cache\n")
+// setConfigInputsGetter sets the config input getter - local file/github release/ArmoAPI
+func setConfigInputsGetter(scanInfo *cautils.ScanInfo, customerGUID string, downloadReleasedPolicy *getter.DownloadReleasedPolicy) {
+	if len(scanInfo.ControlsInputs) > 0 {
+		scanInfo.Getters.ControlsInputsGetter = getter.NewLoadPolicy([]string{scanInfo.ControlsInputs})
+	} else {
+		if customerGUID != "" {
+			scanInfo.Getters.ControlsInputsGetter = getter.GetArmoAPIConnector()
+		} else {
+			if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull config inputs, fallback to BE
+				cautils.WarningDisplay(os.Stderr, "Warning: failed to get config inputs from github release, this may affect the scanning results\n")
+			}
+			scanInfo.Getters.ControlsInputsGetter = downloadReleasedPolicy
+		}
+	}
+}
+
+func setDownloadReleasedPolicy(scanInfo *cautils.ScanInfo, downloadReleasedPolicy *getter.DownloadReleasedPolicy) {
+	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull policy, fallback to cache
+		cautils.WarningDisplay(os.Stderr, "Warning: failed to get policies from github release, loading policies from cache\n")
 		scanInfo.PolicyGetter = getter.NewLoadPolicy(getDefaultFrameworksPaths())
 	} else {
-		scanInfo.PolicyGetter = g
+		scanInfo.PolicyGetter = downloadReleasedPolicy
 	}
 }
 func setGetArmoAPIConnector(scanInfo *cautils.ScanInfo, customerGUID string) {
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.17
 require (
 	github.com/armosec/armoapi-go v0.0.23
 	github.com/armosec/k8s-interface v0.0.50
-	github.com/armosec/opa-utils v0.0.75
+	github.com/armosec/opa-utils v0.0.76
 	github.com/armosec/rbac-utils v0.0.9
 	github.com/armosec/utils-go v0.0.3
 	github.com/briandowns/spinner v1.18.0
--- a/go.sum
+++ b/go.sum
@@ -91,8 +91,8 @@ github.com/armosec/k8s-interface v0.0.37/go.mod h1:vHxGWqD/uh6+GQb9Sqv7OGMs+Rvc2
 github.com/armosec/k8s-interface v0.0.50 h1:iLPGI0j85vwKANr9QDAnba4Efjg3DyIJg15jRJdvOnc=
 github.com/armosec/k8s-interface v0.0.50/go.mod h1:vHxGWqD/uh6+GQb9Sqv7OGMs+Rvc2dsFVc0XtgRh1ZU=
 github.com/armosec/opa-utils v0.0.64/go.mod h1:6tQP8UDq2EvEfSqh8vrUdr/9QVSCG4sJfju1SXQOn4c=
-github.com/armosec/opa-utils v0.0.75 h1:GBI3K18xc3WXJHIorIu4bGNAsfMYHUc1x7zueDz2ZbY=
-github.com/armosec/opa-utils v0.0.75/go.mod h1:L7d+uiIIXAZ3LEyKtmEIbMcI1hWgWaXGpn5zVCqzwSU=
+github.com/armosec/opa-utils v0.0.76 h1:MMh40/QUIzAd/2GGNOq6i6xzQdKvpCmhnKjA5KPZLmQ=
+github.com/armosec/opa-utils v0.0.76/go.mod h1:L7d+uiIIXAZ3LEyKtmEIbMcI1hWgWaXGpn5zVCqzwSU=
 github.com/armosec/rbac-utils v0.0.1/go.mod h1:pQ8CBiij8kSKV7aeZm9FMvtZN28VgA7LZcYyTWimq40=
 github.com/armosec/rbac-utils v0.0.9 h1:rIOWp4K7BELUNX32ktSjVbb8d/0SpH7W76W6Tf+8rzw=
 github.com/armosec/rbac-utils v0.0.9/go.mod h1:Ex/IdGWhGv9HZq6Hs8N/ApzCKSIvpNe/ETqDfnuyah0=
--- a/resultshandling/printer/jsonprinter.go
+++ b/resultshandling/printer/jsonprinter.go
@@ -21,7 +21,7 @@ func (jsonPrinter *JsonPrinter) SetWriter(outputFile string) {
 }

 func (jsonPrinter *JsonPrinter) Score(score float32) {
-	fmt.Printf("\nOverall risk-score (0- Excellent, 100- All failed): %d\n", int(score))
+	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", int(score))
 }

 func (jsonPrinter *JsonPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
--- a/resultshandling/printer/junit.go
+++ b/resultshandling/printer/junit.go
@@ -22,7 +22,7 @@ func (junitPrinter *JunitPrinter) SetWriter(outputFile string) {
 }

 func (junitPrinter *JunitPrinter) Score(score float32) {
-	fmt.Printf("\nOverall risk-score (0- Excellent, 100- All failed): %d\n", int(score))
+	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", int(score))
 }

 func (junitPrinter *JunitPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
--- a/resultshandling/reporter/mockreporter.go
+++ b/resultshandling/reporter/mockreporter.go
@@ -26,5 +26,5 @@ func (reportMock *ReportMock) SetClusterName(clusterName string) {

 func (reportMock *ReportMock) DisplayReportURL() {
 	message := fmt.Sprintf("\nYou can see the results in a user-friendly UI, choose your preferred compliance framework, check risk results history and trends, manage exceptions, get remediation recommendations and much more by registering here: https://%s/cli-signup \n", getter.GetArmoAPIConnector().GetFrontendURL())
-	cautils.InfoTextDisplay(os.Stdout, fmt.Sprintf("\n%s\n", message))
+	cautils.InfoTextDisplay(os.Stderr, fmt.Sprintf("\n%s\n", message))
 }
--- a/resultshandling/reporter/reporteventreceiver.go
+++ b/resultshandling/reporter/reporteventreceiver.go
@@ -130,7 +130,7 @@ func (report *ReportEventReceiver) DisplayReportURL() {
 	u.Host = getter.GetArmoAPIConnector().GetFrontendURL()

 	if report.customerAdminEMail != "" {
-		cautils.InfoTextDisplay(os.Stdout, fmt.Sprintf("\n\n%s %s/risk/%s\n(Account: %s)\n\n", message, u.String(), report.clusterName, report.customerGUID))
+		cautils.InfoTextDisplay(os.Stderr, fmt.Sprintf("\n\n%s %s/risk/%s\n(Account: %s)\n\n", message, u.String(), report.clusterName, report.customerGUID))
 		return
 	}
 	u.Path = "account/sign-up"
@@ -139,5 +139,5 @@ func (report *ReportEventReceiver) DisplayReportURL() {
 	q.Add("customerGUID", report.customerGUID)

 	u.RawQuery = q.Encode()
-	cautils.InfoTextDisplay(os.Stdout, fmt.Sprintf("\n\n%s %s\n\n", message, u.String()))
+	cautils.InfoTextDisplay(os.Stderr, fmt.Sprintf("\n\n%s %s\n\n", message, u.String()))
 }
Author	SHA1	Message	Date
David Delarosa	521f8930d7	Merge branch 'dev' into dev	2021-12-26 14:43:06 +02:00
David Wertenteil	11b9a8eb6e	fix ControlsInputsGetter init	2021-12-23 17:39:49 +02:00
yiscah	0d4350ae24	fix ControlsInputsGetter init	2021-12-23 17:31:23 +02:00
David Wertenteil	62a6a25aa1	support pulling config inputs from git	2021-12-23 16:48:29 +02:00
yiscah	14a74e7312	support pulling config inputs from git	2021-12-23 10:33:23 +02:00
David Delarosa	c35d1e8791	Use stderr By using stderr fd we can separate the information logs from the application output	2021-12-22 20:27:38 +02:00