Merge pull request #1140 from snyk/feat/support-cloud-config
feat: add Cloud Config support
Showing
27 changed files
with
1,311 additions
and
101 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
Usage: | ||
|
||
$ snyk iac [command] [options] --file=<path> | ||
|
||
Find security issues in your Infrastructure as Code files. | ||
|
||
Commands: | ||
|
||
test ............... Test for any known issue. | ||
|
||
Options: | ||
|
||
-h, --help | ||
--json .................................. Return results in JSON format. | ||
--project-name=<string> ................. Specify a custom Snyk project name. | ||
--policy-path=<path> .................... Manually pass a path to a snyk policy file. | ||
--severity-threshold=<low|medium|high>... Only report issues of provided level or higher. | ||
|
||
Examples: | ||
|
||
$ snyk iac test /path/to/Kubernetes.yaml | ||
|
||
|
||
For more information see https://support.snyk.io/hc/en-us/categories/360001342678-Infrastructure-as-code |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
import chalk from 'chalk'; | ||
import * as Debug from 'debug'; | ||
import { Options, TestOptions } from '../../../lib/types'; | ||
import { IacTestResult } from '../../../lib/snyk-test/iac-test-result'; | ||
import { getSeverityValue } from './formatters'; | ||
import { formatIssue } from './formatters/remediation-based-format-issues'; | ||
import { AnnotatedIacIssue } from '../../../lib/snyk-test/iac-test-result'; | ||
|
||
const debug = Debug('iac-output'); | ||
|
||
export function getIacDisplayedOutput( | ||
res: IacTestResult, | ||
testOptions: Options & TestOptions, | ||
testedInfoText: string, | ||
meta: string, | ||
prefix: string, | ||
): string { | ||
const issuesTextArray = [ | ||
chalk.bold.white('\nInfrastructure as code issues:'), | ||
]; | ||
|
||
const NoNote = false; | ||
const NotNew = false; | ||
|
||
const issues: AnnotatedIacIssue[] = res.result.cloudConfigResults; | ||
debug(`iac display output - ${issues.length} issues`); | ||
|
||
issues | ||
.sort((a, b) => getSeverityValue(b.severity) - getSeverityValue(a.severity)) | ||
.forEach((issue) => { | ||
const path: string[][] = [issue.cloudConfigPath]; | ||
issuesTextArray.push( | ||
formatIssue( | ||
issue.id, | ||
issue.title, | ||
issue.severity, | ||
NotNew, | ||
issue.subType, | ||
path, | ||
testOptions, | ||
NoNote, | ||
), | ||
); | ||
}); | ||
|
||
const issuesInfoOutput: string[] = []; | ||
debug(`Iac display output - ${issuesTextArray.length} issues text`); | ||
if (issuesTextArray.length > 0) { | ||
issuesInfoOutput.push(issuesTextArray.join('\n')); | ||
} | ||
|
||
let body = issuesInfoOutput.join('\n\n') + '\n\n' + meta; | ||
|
||
const vulnCountText = `found ${issues.length} issues`; | ||
const summary = testedInfoText + ', ' + chalk.red.bold(vulnCountText); | ||
|
||
body = body + '\n\n' + summary; | ||
|
||
return prefix + body; | ||
} |
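Review bot: The `if (issuesTextArray.length > 0)` guard in getIacDisplayedOutput can never be false, because the array is created with the 'Infrastructure as code issues:' heading already in it, so a scan with no findings still prints that heading followed by a red `found 0 issues` summary. Testing the findings themselves, `if (issues.length > 0)`, would make the guard meaningful; the second debug line has the same off-by-one, since it counts the heading as an "issues text" entry. Separately, `issues.sort(...)` sorts `res.result.cloudConfigResults` in place and so reorders the caller's result object as a side effect; `[...issues].sort(...)` keeps the display ordering local to this function.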
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
import chalk from 'chalk'; | ||
import { CustomError } from './custom-error'; | ||
|
||
export function NotSupportedIacFileError(atLocations: string[]) { | ||
const locationsStr = atLocations.join(', '); | ||
const errorMsg = | ||
'Not supported infrastruction as code target files in ' + | ||
locationsStr + | ||
'.\nPlease see our documentation for supported languages and ' + | ||
'target files: ' + | ||
chalk.underline( | ||
'https://support.snyk.io/hc/en-us/articles/360000911957-Language-support', | ||
) + | ||
' and make sure you are in the right directory.'; | ||
|
||
const error = new CustomError(errorMsg); | ||
error.code = 422; | ||
error.userMessage = errorMsg; | ||
return error; | ||
} | ||
|
||
export function IllegalIacFileError(atLocations: string[]): CustomError { | ||
const locationsStr = atLocations.join(', '); | ||
const errorMsg = | ||
'Illegal infrastruction as code target file ' + | ||
locationsStr + | ||
'.\nPlease see our documentation for supported languages and ' + | ||
'target files: ' + | ||
chalk.underline( | ||
'https://support.snyk.io/hc/en-us/articles/360000911957-Language-support', | ||
) + | ||
' and make sure you are in the right directory.'; | ||
|
||
const error = new CustomError(errorMsg); | ||
error.code = 422; | ||
error.userMessage = errorMsg; | ||
return error; | ||
} |
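Review bot: Both user-facing messages misspell the term as "infrastruction as code", once in NotSupportedIacFileError and again in IllegalIacFileError, and because the same string is assigned to `error.userMessage` it is the text the CLI user reads. The literals should be `'Not supported infrastructure as code target files in '` and `'Illegal infrastructure as code target file '`. NotSupportedIacFileError also omits the `: CustomError` return type that IllegalIacFileError declares. The two bodies differ only in that first literal, so a small private helper taking the prefix would keep the 422 code and the documentation link in one place.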