Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Edit Statuses #1016

Merged
merged 18 commits into from
Feb 7, 2023
Merged

Edit Statuses #1016

merged 18 commits into from
Feb 7, 2023

Conversation

Moshe-Rappaport-CA
Copy link
Contributor

Describe your changes

Due to the many types of statuses, we are changing it to have 3 statuses:

  • passed
  • failed
  • action required (skipped)

For the controls (control-summary, resource-associates-controls) and for the rules (resource-associated-rules) there will also be a sub-status as defined below:

Status Sub Status
passed w/exceptions, irrelevant, (empty)
failed (empty)
skipped integration, configuration, manual review, requires review
  • For frameworks summary and result summary, there is only status

Below is the difference between the old and new statuses:


  Old statuses New statuses Description
1 passed passed Control passed on all resources tested
2 excluded passed (w/exceptions) Control passed due to all failed results are in exception
3 irrelevant passed (irrelevant) No resources were found to test control against (resources count should be 0)
4 skipped Action required (integration) Integration is required to test control (resources count should be 0)
5 failed failed Control failed
6 failed Action required (requiresReview) Control provides information the user needs to review the result manually
7 failed Action required (configuration)* Control doesn’t have any configuration or default values in the control configuration (resources count should be 0)
8 —------ Action required (manualReview) Control can’t be automated. User needs to check manually

* "Action required (configuration)" Also when the status is “passed”


Control types

  • A control that has a control-input should contain the "actionRequired": "configuration" attribute.
  • A control is a requires review type if it has the "actionRequired": "equires review" attribute.
  • A control is a manual review type if it has the "actionRequired": "manual review" attribute.
    A control that is of the manual-review type, should contain a rule with match, which will return the resources as they are

Screenshots - If Any (Optional)

I ran the following command to view the changes in the CLI printout:
kubescape scan control C-9999,C-0004,C-0052,C-0026,C-0085,C-0042,C-0009
The results of these controls on my cluster should be as follows:
"C-0009", should be passed(w/exceptions)
"C-0004", should be skipped(configuration)
"C-9999", should be skipped(manual review)
"C-0052", should be passed(irrelevant)
"C-0026", should be skipped(requires review)
"C-0085", should be skipped(integration)
"C-0042", should be passed

Summary table

image

Resource view

Prints only the controls that fail
image

Control view

image

Checklist before requesting a review

  • My code follows the style guidelines of this project
  • I have commented on my code, particularly in hard-to-understand areas
  • I have performed a self-review of my code
  • If it is a core feature, I have added thorough tests.
  • New and existing unit tests pass locally with my changes

Please open the PR against the dev branch (Unless the PR contains only documentation changes)

github-actions[bot]
github-actions bot reviewed Jan 9, 2023
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi! Welcome to Kubescape. Thank you for taking the time and contributing to the open source community

We will try to review as soon as possible!

@dwertent dwertent marked this pull request as draft January 11, 2023 07:26
@Moshe-Rappaport-CA Moshe-Rappaport-CA marked this pull request as ready for review January 12, 2023 10:02
@dwertent dwertent marked this pull request as draft January 16, 2023 10:08
@dwertent
Copy link
Contributor

Please open against the master branch

@Moshe-Rappaport-CA Moshe-Rappaport-CA changed the base branch from dev to master January 16, 2023 11:29
@amirmalka amirmalka self-assigned this Jan 31, 2023
@amirmalka amirmalka marked this pull request as ready for review January 31, 2023 14:15
@dwertent
Copy link
Contributor

dwertent commented Feb 2, 2023

@Moshe-Rappaport-CA Well done :)

@matthyx
Copy link
Contributor

matthyx commented Feb 3, 2023

@dwertent do we wait for some workflows to merge this one as well?

@amirmalka
updated go.mod go.sum
4fb49ec 
Signed-off-by: Amir Malka <amirm@armosec.io>
@amirmalka
Merge branch 'master' into status
dff5084
@amirmalka
updated go.mod go.sum
95172cc
@amirmalka
updated go.mod go.sum
5108245 
Signed-off-by: Amir Malka <amirm@armosec.io>
@amirmalka
updated go.mod go.sum
eab31ac 
Signed-off-by: Amir Malka <amirm@armosec.io>
@amirmalka amirmalka mentioned this pull request Feb 6, 2023
Closed
@amirmalka amirmalka changed the base branch from master to statuses February 7, 2023 09:36
@dwertent dwertent merged commit 60a91a1 into kubescape:statuses Feb 7, 2023
@amirmalka amirmalka mentioned this pull request Feb 14, 2023
Merged
amirmalka added a commit that referenced this pull request Feb 14, 2023
@amirmalka
Statuses (#1016) (#1082)
df39e10 
New statuses
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions left review comments

@dwertent dwertent Awaiting requested review from dwertent

Assignees

@amirmalka amirmalka

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@Moshe-Rappaport-CA @dwertent @matthyx @amirmalka