From 8e1efd39204f0b98778e361000245cbf51ff2f63 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Mon, 14 Nov 2022 12:47:23 +0100 Subject: [PATCH 01/15] feat: got opa query working --- .../dependencies/dependencies.go | 6 +- pkg/flag/report_flags.go | 1 + pkg/report/output/output.go | 25 +- pkg/report/output/policies/policies.go | 249 ++++++++++++++++++ 4 files changed, 277 insertions(+), 4 deletions(-) create mode 100644 pkg/report/output/policies/policies.go diff --git a/pkg/classification/dependencies/dependencies.go b/pkg/classification/dependencies/dependencies.go index b10d3bb1f..ad994eeb2 100644 --- a/pkg/classification/dependencies/dependencies.go +++ b/pkg/classification/dependencies/dependencies.go @@ -15,9 +15,9 @@ type ClassifiedDependency struct { } type Classification struct { - RecipeMatch bool `json:"recipe_match"` - RecipeName string `json:"recipe_name,omitempty"` - Decision classify.ClassificationDecision + RecipeMatch bool `json:"recipe_match"` + RecipeName string `json:"recipe_name,omitempty"` + Decision classify.ClassificationDecision `json:"descision"` } type Classifier struct { diff --git a/pkg/flag/report_flags.go b/pkg/flag/report_flags.go index 1929676da..62d3d9fca 100644 --- a/pkg/flag/report_flags.go +++ b/pkg/flag/report_flags.go @@ -8,6 +8,7 @@ var ( ReportDetectors = "detectors" ReportDataFlow = "dataflow" + ReportPolicies = "policies" ) var ( diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go index 550677987..8f4ad2a97 100644 --- a/pkg/report/output/output.go +++ b/pkg/report/output/output.go @@ -8,6 +8,7 @@ import ( "github.com/bearer/curio/pkg/commands/process/settings" "github.com/bearer/curio/pkg/flag" "github.com/bearer/curio/pkg/report/output/dataflow" + "github.com/bearer/curio/pkg/report/output/policies" "github.com/bearer/curio/pkg/types" "gopkg.in/yaml.v3" @@ -63,10 +64,32 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { return nil, err } - ouputDetections, err = dataflow.GetOuput(detections, config) + // ouputDetections, err = dataflow.GetOuput(detections, config) + output, err := policies.GetDataflow(detections) if err != nil { return nil, err } + + return output, nil + + } else if config.Report.Report == flag.ReportPolicies { + detections, err := GetDetectorsOutput(report) + if err != nil { + return nil, err + } + + policiesData, err := dataflow.GetOuput(detections, config) + if err != nil { + return nil, err + } + + data, err := policies.GetPolicies(policiesData) + if err != nil { + return nil, err + } + + return data, err + // log.Debug().Msgf("%s", data) } return ouputDetections, nil diff --git a/pkg/report/output/policies/policies.go b/pkg/report/output/policies/policies.go new file mode 100644 index 000000000..9d2085ab8 --- /dev/null +++ b/pkg/report/output/policies/policies.go @@ -0,0 +1,249 @@ +package policies + +import ( + "context" + + "github.com/bearer/curio/pkg/report/output/dataflow" + "github.com/open-policy-agent/opa/rego" + "github.com/rs/zerolog/log" +) + +const opaConfig string = ` +services: + acmecorp: + url: https://example.com/control-plane-api/v1 + response_header_timeout_seconds: 5 + credentials: + bearer: + token: "bGFza2RqZmxha3NkamZsa2Fqc2Rsa2ZqYWtsc2RqZmtramRmYWxkc2tm" + +labels: + app: myapp + region: west + environment: production + +bundles: + authz: + service: acmecorp + resource: bundles/http/example/authz.tar.gz + persist: true + polling: + min_delay_seconds: 60 + max_delay_seconds: 120 + signing: + keyid: global_key + scope: write + +decision_logs: + service: acmecorp + reporting: + min_delay_seconds: 300 + max_delay_seconds: 600 + +status: + service: acmecorp + +default_decision: /http/example/authz/allow + +persistence_directory: /var/opa + +keys: + global_key: + algorithm: RS256 + key: + scope: read + +caching: + inter_query_builtin_cache: + max_size_bytes: 10000000 + +distributed_tracing: + type: grpc + address: localhost:4317 + service_name: opa + sample_percentage: 50 + encryption: "off" +` + +const dataflowQuery = ` +package demo + +import future.keywords + +sites := [ + { + "region": "east", + "name": "prod", + "servers": [ + { + "name": "web-0", + "hostname": "hydrogen" + }, + { + "name": "web-1", + "hostname": "helium" + }, + { + "name": "db-0", + "hostname": "lithium" + } + ] + }, + { + "region": "west", + "name": "smoke", + "servers": [ + { + "name": "web-1000", + "hostname": "beryllium" + }, + { + "name": "web-1001", + "hostname": "boron" + }, + { + "name": "db-1000", + "hostname": "carbon" + } + ] + }, + { + "region": "west", + "name": "dev", + "servers": [ + { + "name": "web-dev", + "hostname": "nitrogen" + }, + { + "name": "db-dev", + "hostname": "oxygen" + } + ] + } + ] + +hostnames[name] { + name := sites[_].servers[_].hostname +} +` + +const dataflowQuery2 = ` +package example.authz + +import future.keywords.if +import future.keywords.in + + +sites := [ + { + "region": "east", + "name": "prod", + "servers": [ + { + "name": "web-0", + "hostname": "hydrogen" + }, + { + "name": "web-1", + "hostname": "helium" + }, + { + "name": "db-0", + "hostname": "lithium" + } + ] + }, + { + "region": "west", + "name": "smoke", + "servers": [ + { + "name": "web-1000", + "hostname": "beryllium" + }, + { + "name": "web-1001", + "hostname": "boron" + }, + { + "name": "db-1000", + "hostname": "carbon" + } + ] + }, + { + "region": "west", + "name": "dev", + "servers": [ + { + "name": "web-dev", + "hostname": "nitrogen" + }, + { + "name": "db-dev", + "hostname": "oxygen" + } + ] + } + ] + +hostnames[name] { + name := sites[_].servers[_].hostname +} +` + +func GetPolicies(dataflow *dataflow.DataFlow) (rego.Vars, error) { + input := ` + some detector2 in input.risks + detector2.detector_id == "detect_ruby_logger" + locations := detector2.data_types[_].locations + + result = {"warning": {"message": "there are logger leaks detected" , "count": count(locations) , "locations": locations}}{ + count(locations) > 0 + } + ` + result, err := rego.New(rego.Query(input), rego.Input(*dataflow), rego.Imports([]string{"future.keywords"})).Eval(context.Background()) + if err != nil { + log.Debug().Msgf("got error %s", err) + return rego.Vars{}, err + } + + log.Debug().Msgf("result %#v", result) + log.Debug().Msgf("result %#v") + + if len(result) > 0 { + return result[0].Bindings, nil + } + + return rego.Vars{}, nil +} + +func GetDataflow(data []interface{}) (interface{}, error) { + ctx := context.TODO() + + r := rego.New( + rego.Query("x = data.example.authz.hostnames"), rego.Module("example.rego", dataflowQuery2)) + + // Create a prepared query that can be evaluated. + query, err := r.PrepareForEval(ctx) + if err != nil { + return nil, err + } + + // Create a prepared query that can be evaluated. + rs, err := query.Eval(ctx, rego.EvalInput(data)) + if err != nil { + return nil, err + } + + log.Debug().Msgf("result %#v", rs) + + // result, err := rego.New(rego.Query(input), rego.Input(data), rego.ShallowInlining(false), rego.Imports([]string{"future.keywords"})).Eval(context.Background()) + // if err != nil { + // log.Debug().Msgf("got error %s", err) + // return rego.Vars{}, err + // } + + return rs[0].Bindings, nil +} From 9bb69729bb34b7116871bc1b8c4308f90f1529f1 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Mon, 14 Nov 2022 12:47:51 +0100 Subject: [PATCH 02/15] chore: add opa dependency --- go.mod | 17 ++++++++++++---- go.sum | 64 +++++++++++++++++++++++++++++++++++++++++++++++++--------- 2 files changed, 68 insertions(+), 13 deletions(-) diff --git a/go.mod b/go.mod index 3cd545221..06b6cb838 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/go-enry/go-enry/v2 v2.8.2 github.com/google/uuid v1.3.0 github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 + github.com/open-policy-agent/opa v0.46.1 github.com/rs/zerolog v1.28.0 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 github.com/schollz/progressbar/v3 v3.11.0 @@ -25,12 +26,15 @@ require ( ) require ( + github.com/OneOfOne/xxhash v1.2.8 // indirect + github.com/agnivade/levenshtein v1.1.1 // indirect github.com/charmbracelet/lipgloss v0.5.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/semgroup v1.2.0 // indirect github.com/gitleaks/go-gitdiff v0.8.0 // indirect github.com/go-enry/go-oniguruma v1.2.1 // indirect + github.com/gobwas/glob v0.2.3 // indirect github.com/h2non/filetype v1.1.3 // indirect github.com/inconshreveable/mousetrap v1.0.1 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect @@ -41,16 +45,21 @@ require ( github.com/muesli/reflow v0.2.1-0.20210115123740-9e1d0d53df68 // indirect github.com/muesli/termenv v0.11.1-0.20220204035834-5ac8409525e0 // indirect github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 // indirect + github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 // indirect github.com/rivo/uniseg v0.4.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/tchap/go-patricia/v2 v2.3.1 // indirect + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/yashtewari/glob-intersection v0.1.0 // indirect golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect golang.org/x/term v0.1.0 // indirect - gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect ) require ( - github.com/fsnotify/fsnotify v1.5.4 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/magiconair/properties v1.8.6 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect @@ -58,13 +67,13 @@ require ( github.com/pelletier/go-toml/v2 v2.0.5 // indirect github.com/spf13/afero v1.8.2 // indirect github.com/spf13/cast v1.5.0 // indirect - github.com/spf13/cobra v1.6.0 + github.com/spf13/cobra v1.6.1 github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.13.0 github.com/subosito/gotenv v1.4.1 // indirect golang.org/x/sys v0.1.0 // indirect - golang.org/x/text v0.3.7 // indirect + golang.org/x/text v0.4.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 diff --git a/go.sum b/go.sum index 50d2a0efe..5cbddc3db 100644 --- a/go.sum +++ b/go.sum @@ -38,9 +38,19 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8= +github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= +github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8= +github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= +github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= +github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/bradleyjkemp/cupaloy v2.3.0+incompatible h1:UafIjBvWQmS9i/xRg+CamMrnLTKNzo+bdmT/oH34c2Y= github.com/bradleyjkemp/cupaloy v2.3.0+incompatible/go.mod h1:Au1Xw1sgaJ5iSFktEhYsS0dbQiS1B0/XMXl+42y9Ilk= +github.com/bytecodealliance/wasmtime-go v1.0.0 h1:9u9gqaUiaJeN5IoD1L7egD8atOnTGyJcNp8BhkL9cUU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= +github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/charmbracelet/lipgloss v0.5.0 h1:lulQHuVeodSgDez+3rGiuxlPVXSnhth442DATR2/8t8= github.com/charmbracelet/lipgloss v0.5.0/go.mod h1:EZLha/HbzEt7cYqdFPovlqy5FZPj0xFhg5SaqxScmgs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -56,6 +66,11 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgraph-io/badger/v3 v3.2103.3 h1:s63J1pisDhKpzWslXFe+ChuthuZptpwTE6qEKoczPb4= +github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= +github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= +github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= +github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -64,9 +79,11 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/semgroup v1.2.0 h1:h/OLXwEM+3NNyAdZEpMiH1OzfplU09i2qXPVThGZvyg= github.com/fatih/semgroup v1.2.0/go.mod h1:1KAD4iIYfXjE4U13B48VM4z9QUwV5Tt8O4rS879kgm8= +github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= +github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897 h1:E52jfcE64UG42SwLmrW0QByONfGynWuzBvm86BoB9z8= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= -github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= -github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gitleaks/go-gitdiff v0.8.0 h1:7aExTZm+K/M/EQKOyYcub8rIAdWK6ONxPGuRzxmWW+0= @@ -78,11 +95,16 @@ github.com/go-enry/go-oniguruma v1.2.1/go.mod h1:bWDhYP+S6xZQgiRL7wlTScFYBe023B6 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -104,8 +126,11 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/flatbuffers v1.12.1 h1:MVlul7pQNoDzWRLTw5imwYsl+usrS1TXG2H4jg6ImGw= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -152,9 +177,9 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213/go.mod h1:vNUNkEQ1e29fT/6vq2aBdFsgNPmy8qMdSay1npru+Sw= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= @@ -172,6 +197,8 @@ github.com/mattn/go-runewidth v0.0.10/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRC github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= +github.com/miekg/dns v1.1.43 h1:JKfpVSCB84vrAmHzyrsxB5NAr5kLoMXZArPSw7Qlgyg= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= @@ -182,17 +209,26 @@ github.com/muesli/reflow v0.2.1-0.20210115123740-9e1d0d53df68 h1:y1p/ycavWjGT9Fn github.com/muesli/reflow v0.2.1-0.20210115123740-9e1d0d53df68/go.mod h1:Xk+z4oIWdQqJzsxyjgl3P22oYZnHdZ8FFTHAQQt5BMQ= github.com/muesli/termenv v0.11.1-0.20220204035834-5ac8409525e0 h1:STjmj0uFfRryL9fzRA/OupNppeAID6QJYPMavTL7jtY= github.com/muesli/termenv v0.11.1-0.20220204035834-5ac8409525e0/go.mod h1:Bd5NYQ7pd+SrtBSrSNoBBmXlcY8+Xj4BMJgh8qcZrvs= +github.com/open-policy-agent/opa v0.46.1 h1:iG998SLK0rzalex7Hyekeq17b9WtUexM0AuyHrQ7fCc= +github.com/open-policy-agent/opa v0.46.1/go.mod h1:DY9ZkCyz+DKoWI5gDuLw5rGC2RSb37QUeEf+9VjsWkI= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg= github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9 h1:lL+y4Xv20pVlCGyLzNHRC0I0rIHhIL1lTvHizoS/dU8= github.com/petar-dambovaliev/aho-corasick v0.0.0-20211021192214-5ab2d9280aa9/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.13.1 h1:3gMjIY2+/hzmqhtUC/aQNYldJA6DtH3CgQvwS+02K1c= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= +github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= +github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= +github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 h1:MkV+77GLUNo5oJ0jf870itWm3D0Sjh7+Za9gazKc5LQ= +github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.2 h1:YwD0ulJSJytLpiaWua0sBDusfsCZohxjxzVTYjwxfV8= @@ -208,14 +244,15 @@ github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDj github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs= github.com/schollz/progressbar/v3 v3.11.0 h1:3nIBUF1Zw/pGUaRHP7PZWmARP7ZQbWQ6vL6hwoQiIvU= github.com/schollz/progressbar/v3 v3.11.0/go.mod h1:R2djRgv58sn00AGysc4fN0ip4piOGd3z88K+zVBjczs= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/smacker/go-tree-sitter v0.0.0-20220829074436-0a7a807924f2 h1:p+xxTsHssBdE21bzntBWAKjNyZ7BpuxynngfAe4hTHg= github.com/smacker/go-tree-sitter v0.0.0-20220829074436-0a7a807924f2/go.mod h1:q99oHDsbP0xRwmn7Vmob8gbSMNyvJ83OauXPSuHQuKE= github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= -github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= +github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= +github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -242,12 +279,20 @@ github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/tangzero/inflector v1.0.0 h1:933dvPwRUUOAl98hyeeXuzFix3HwDt5j+45lleu8oh0= github.com/tangzero/inflector v1.0.0/go.mod h1:OknKjAyDPCDzcWt0yOh2I7hqTukEdyyApcX3/KOhuXc= +github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= +github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= github.com/weppos/publicsuffix-go v0.20.0 h1:59ypvSUbW3Dunc6zVm+v+MmXf2Q6cGiNDkxgRIzEnaA= github.com/weppos/publicsuffix-go v0.20.0/go.mod h1:5ZC/Uv3fIEUE0eP6o9+Yg4+5+W8V0/BieMi05feGXVA= github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220704091424-e0182326a282/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= github.com/wlredeye/jsonlines v0.0.0-20160904163743-36b5e1bd13d0 h1:ZsWrjHNVlxO2ej+fws7pbFNYf6hGQa+zCAvz9Ddyyrs= github.com/wlredeye/jsonlines v0.0.0-20160904163743-36b5e1bd13d0/go.mod h1:QywrYcudWflgMizuKFF70dswp/brPwihcARIe13aiKo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/yashtewari/glob-intersection v0.1.0 h1:6gJvMYQlTDOL3dMsPF6J0+26vwX9MB8/1q3uAdhmTrg= +github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -260,6 +305,7 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -394,9 +440,9 @@ golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -409,8 +455,8 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -555,10 +601,10 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= From 4a9b5cf6f748d7fbbe53f51ab881167b4b9f437d Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Mon, 14 Nov 2022 18:55:46 +0100 Subject: [PATCH 03/15] feat: load embeded policies --- .../process/settings/custom_detector.yml | 2 +- pkg/commands/process/settings/policies.yml | 7 + .../settings/policies/logger_leaks.rego | 10 + pkg/commands/process/settings/settings.go | 68 ++++++- pkg/report/output/output.go | 10 +- pkg/report/output/policies/policies.go | 182 +++--------------- 6 files changed, 119 insertions(+), 160 deletions(-) create mode 100644 pkg/commands/process/settings/policies.yml create mode 100644 pkg/commands/process/settings/policies/logger_leaks.rego diff --git a/pkg/commands/process/settings/custom_detector.yml b/pkg/commands/process/settings/custom_detector.yml index 3d2dcc639..a1b6d0c80 100644 --- a/pkg/commands/process/settings/custom_detector.yml +++ b/pkg/commands/process/settings/custom_detector.yml @@ -1,6 +1,6 @@ detect_ruby_logger: patterns: - | - log.info(<$ARGUMENT>) + logger.info(<$ARGUMENT>) languages: - ruby diff --git a/pkg/commands/process/settings/policies.yml b/pkg/commands/process/settings/policies.yml new file mode 100644 index 000000000..e3cb85a65 --- /dev/null +++ b/pkg/commands/process/settings/policies.yml @@ -0,0 +1,7 @@ +logger_leaks: + message: "Logger leaks detected" + level: "warning" + query: "warning = data.bearer.logger_leaks.warning" + modules: + - path: policies/logger_leaks.rego + name: bearer.logger_leaks diff --git a/pkg/commands/process/settings/policies/logger_leaks.rego b/pkg/commands/process/settings/policies/logger_leaks.rego new file mode 100644 index 000000000..b5a170dec --- /dev/null +++ b/pkg/commands/process/settings/policies/logger_leaks.rego @@ -0,0 +1,10 @@ +package bearer.logger_leaks + +import future.keywords + +default warning := false + +warning if { +some detector in input.risks +detector.detector_id == "detect_ruby_logger" +} \ No newline at end of file diff --git a/pkg/commands/process/settings/settings.go b/pkg/commands/process/settings/settings.go index 1a655b43e..3a2c0de02 100644 --- a/pkg/commands/process/settings/settings.go +++ b/pkg/commands/process/settings/settings.go @@ -1,6 +1,7 @@ package settings import ( + "embed" _ "embed" "github.com/rs/zerolog/log" @@ -15,6 +16,26 @@ type Config struct { Scan flag.ScanOptions `json:"scan"` Report flag.ReportOptions `json:"report"` CustomDetector map[string]Rule `json:"custom_detector"` + Policies map[string]*Policy `json:"policies"` +} + +type policyLevel string + +var LevelMedium = "medium" +var LevelWarning = "warning" +var LevelCritical = "critical" + +type Policy struct { + Query string + Message string + Modules []*PolicyModule + Level policyLevel +} + +type PolicyModule struct { + Path string + Name string + Content string } type Rule struct { @@ -35,7 +56,14 @@ type MetaVar struct { //go:embed custom_detector.yml var customDetector []byte +//go:embed policies.yml +var defaultPolicies []byte + +//go:embed policies/* +var policiesFs embed.FS + var CustomDetectorKey string = "scan.custom_detector" +var PoliciesKey string = "scan.policies" func FromOptions(opts flag.Options) (Config, error) { rules := DefaultCustomDetector() @@ -46,12 +74,37 @@ func FromOptions(opts flag.Options) (Config, error) { } } - return Config{ + policies := DefaultPolicies() + if viper.IsSet(PoliciesKey) { + err := viper.UnmarshalKey(PoliciesKey, &rules) + if err != nil { + return Config{}, err + } + } + + for _, policy := range policies { + for _, module := range policy.Modules { + if module.Path != "" { + content, err := policiesFs.ReadFile(module.Path) + if err != nil { + return Config{}, err + } + module.Content = string(content) + } + } + } + + // | warning | logger leaks | Logger leaks detected | location1, location2 + + config := Config{ Worker: opts.WorkerOptions, CustomDetector: rules, Scan: opts.ScanOptions, Report: opts.ReportOptions, - }, nil + Policies: policies, + } + + return config, nil } func DefaultCustomDetector() map[string]Rule { @@ -64,3 +117,14 @@ func DefaultCustomDetector() map[string]Rule { return rules } + +func DefaultPolicies() map[string]*Policy { + var policies map[string]*Policy + + err := yaml.Unmarshal(defaultPolicies, &policies) + if err != nil { + log.Fatal().Msgf("failed to unmarshal database file %e", err) + } + + return policies +} diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go index 8f4ad2a97..969ddcb25 100644 --- a/pkg/report/output/output.go +++ b/pkg/report/output/output.go @@ -64,13 +64,13 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { return nil, err } - // ouputDetections, err = dataflow.GetOuput(detections, config) - output, err := policies.GetDataflow(detections) + ouputDetections, err = dataflow.GetOuput(detections, config) + // output, err := policies.GetDataflow(detections) if err != nil { return nil, err } - return output, nil + return ouputDetections, nil } else if config.Report.Report == flag.ReportPolicies { detections, err := GetDetectorsOutput(report) @@ -83,7 +83,7 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { return nil, err } - data, err := policies.GetPolicies(policiesData) + data, err := policies.GetPolicies(policiesData, config) if err != nil { return nil, err } @@ -92,7 +92,7 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { // log.Debug().Msgf("%s", data) } - return ouputDetections, nil + return nil, nil } func GetDetectorsOutput(report types.Report) ([]interface{}, error) { diff --git a/pkg/report/output/policies/policies.go b/pkg/report/output/policies/policies.go index 9d2085ab8..9952f4ae9 100644 --- a/pkg/report/output/policies/policies.go +++ b/pkg/report/output/policies/policies.go @@ -3,137 +3,48 @@ package policies import ( "context" + "github.com/bearer/curio/pkg/commands/process/settings" "github.com/bearer/curio/pkg/report/output/dataflow" "github.com/open-policy-agent/opa/rego" "github.com/rs/zerolog/log" ) -const opaConfig string = ` -services: - acmecorp: - url: https://example.com/control-plane-api/v1 - response_header_timeout_seconds: 5 - credentials: - bearer: - token: "bGFza2RqZmxha3NkamZsa2Fqc2Rsa2ZqYWtsc2RqZmtramRmYWxkc2tm" - -labels: - app: myapp - region: west - environment: production - -bundles: - authz: - service: acmecorp - resource: bundles/http/example/authz.tar.gz - persist: true - polling: - min_delay_seconds: 60 - max_delay_seconds: 120 - signing: - keyid: global_key - scope: write - -decision_logs: - service: acmecorp - reporting: - min_delay_seconds: 300 - max_delay_seconds: 600 - -status: - service: acmecorp - -default_decision: /http/example/authz/allow - -persistence_directory: /var/opa - -keys: - global_key: - algorithm: RS256 - key: - scope: read - -caching: - inter_query_builtin_cache: - max_size_bytes: 10000000 - -distributed_tracing: - type: grpc - address: localhost:4317 - service_name: opa - sample_percentage: 50 - encryption: "off" -` +func GetPolicies(dataflow *dataflow.DataFlow, config settings.Config) ([]rego.Vars, error) { + ctx := context.TODO() -const dataflowQuery = ` -package demo + var result []rego.Vars -import future.keywords + for _, policy := range config.Policies { + options := []func(r *rego.Rego){rego.Query(policy.Query)} + for _, module := range policy.Modules { + options = append(options, rego.Module(module.Name, module.Content)) + } -sites := [ - { - "region": "east", - "name": "prod", - "servers": [ - { - "name": "web-0", - "hostname": "hydrogen" - }, - { - "name": "web-1", - "hostname": "helium" - }, - { - "name": "db-0", - "hostname": "lithium" - } - ] - }, - { - "region": "west", - "name": "smoke", - "servers": [ - { - "name": "web-1000", - "hostname": "beryllium" - }, - { - "name": "web-1001", - "hostname": "boron" - }, - { - "name": "db-1000", - "hostname": "carbon" - } - ] - }, - { - "region": "west", - "name": "dev", - "servers": [ - { - "name": "web-dev", - "hostname": "nitrogen" - }, - { - "name": "db-dev", - "hostname": "oxygen" - } - ] + r := rego.New(options...) + query, err := r.PrepareForEval(ctx) + if err != nil { + return nil, err } - ] - -hostnames[name] { - name := sites[_].servers[_].hostname + + // Create a prepared query that can be evaluated. + rs, err := query.Eval(ctx, rego.EvalInput(dataflow)) + if err != nil { + return nil, err + } + + log.Debug().Msgf("result %#v", rs) + + result = append(result, rs[0].Bindings) + } + + // Create a prepared query that can be evaluated. + return result, nil } -` -const dataflowQuery2 = ` +func GetDataflow(data []interface{}) (interface{}, error) { + const dataFlowQuery = ` package example.authz -import future.keywords.if -import future.keywords.in - sites := [ { @@ -193,37 +104,10 @@ hostnames[name] { } ` -func GetPolicies(dataflow *dataflow.DataFlow) (rego.Vars, error) { - input := ` - some detector2 in input.risks - detector2.detector_id == "detect_ruby_logger" - locations := detector2.data_types[_].locations - - result = {"warning": {"message": "there are logger leaks detected" , "count": count(locations) , "locations": locations}}{ - count(locations) > 0 - } - ` - result, err := rego.New(rego.Query(input), rego.Input(*dataflow), rego.Imports([]string{"future.keywords"})).Eval(context.Background()) - if err != nil { - log.Debug().Msgf("got error %s", err) - return rego.Vars{}, err - } - - log.Debug().Msgf("result %#v", result) - log.Debug().Msgf("result %#v") - - if len(result) > 0 { - return result[0].Bindings, nil - } - - return rego.Vars{}, nil -} - -func GetDataflow(data []interface{}) (interface{}, error) { ctx := context.TODO() r := rego.New( - rego.Query("x = data.example.authz.hostnames"), rego.Module("example.rego", dataflowQuery2)) + rego.Query("x = data.example.authz.hostnames"), rego.Module("example.rego", dataFlowQuery)) // Create a prepared query that can be evaluated. query, err := r.PrepareForEval(ctx) @@ -239,11 +123,5 @@ func GetDataflow(data []interface{}) (interface{}, error) { log.Debug().Msgf("result %#v", rs) - // result, err := rego.New(rego.Query(input), rego.Input(data), rego.ShallowInlining(false), rego.Imports([]string{"future.keywords"})).Eval(context.Background()) - // if err != nil { - // log.Debug().Msgf("got error %s", err) - // return rego.Vars{}, err - // } - return rs[0].Bindings, nil } From 527e985712fd74413c13d8e14f3cb76f1af59b73 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 13:17:17 +0100 Subject: [PATCH 04/15] feat: add locations to logger leaks policy --- pkg/commands/process/settings/policies.yml | 2 +- .../settings/policies/logger_leaks.rego | 17 ++-- pkg/report/output/policies/policies.go | 85 ------------------- 3 files changed, 13 insertions(+), 91 deletions(-) diff --git a/pkg/commands/process/settings/policies.yml b/pkg/commands/process/settings/policies.yml index e3cb85a65..4517edbc3 100644 --- a/pkg/commands/process/settings/policies.yml +++ b/pkg/commands/process/settings/policies.yml @@ -1,7 +1,7 @@ logger_leaks: message: "Logger leaks detected" level: "warning" - query: "warning = data.bearer.logger_leaks.warning" + query: "level = data.bearer.logger_leaks.level; locations = data.bearer.logger_leaks.locations" modules: - path: policies/logger_leaks.rego name: bearer.logger_leaks diff --git a/pkg/commands/process/settings/policies/logger_leaks.rego b/pkg/commands/process/settings/policies/logger_leaks.rego index b5a170dec..e2f740c7f 100644 --- a/pkg/commands/process/settings/policies/logger_leaks.rego +++ b/pkg/commands/process/settings/policies/logger_leaks.rego @@ -2,9 +2,16 @@ package bearer.logger_leaks import future.keywords -default warning := false +default level := "none" + + +locations[location] { + some detector in input.risks + detector.detector_id == "detect_ruby_logger" + location = detector.data_types[_].locations[_] +} + +level = "warning" if { + count(locations) > 0 +} -warning if { -some detector in input.risks -detector.detector_id == "detect_ruby_logger" -} \ No newline at end of file diff --git a/pkg/report/output/policies/policies.go b/pkg/report/output/policies/policies.go index 9952f4ae9..ad4d36319 100644 --- a/pkg/report/output/policies/policies.go +++ b/pkg/report/output/policies/policies.go @@ -40,88 +40,3 @@ func GetPolicies(dataflow *dataflow.DataFlow, config settings.Config) ([]rego.Va // Create a prepared query that can be evaluated. return result, nil } - -func GetDataflow(data []interface{}) (interface{}, error) { - const dataFlowQuery = ` -package example.authz - - -sites := [ - { - "region": "east", - "name": "prod", - "servers": [ - { - "name": "web-0", - "hostname": "hydrogen" - }, - { - "name": "web-1", - "hostname": "helium" - }, - { - "name": "db-0", - "hostname": "lithium" - } - ] - }, - { - "region": "west", - "name": "smoke", - "servers": [ - { - "name": "web-1000", - "hostname": "beryllium" - }, - { - "name": "web-1001", - "hostname": "boron" - }, - { - "name": "db-1000", - "hostname": "carbon" - } - ] - }, - { - "region": "west", - "name": "dev", - "servers": [ - { - "name": "web-dev", - "hostname": "nitrogen" - }, - { - "name": "db-dev", - "hostname": "oxygen" - } - ] - } - ] - -hostnames[name] { - name := sites[_].servers[_].hostname -} -` - - ctx := context.TODO() - - r := rego.New( - rego.Query("x = data.example.authz.hostnames"), rego.Module("example.rego", dataFlowQuery)) - - // Create a prepared query that can be evaluated. - query, err := r.PrepareForEval(ctx) - if err != nil { - return nil, err - } - - // Create a prepared query that can be evaluated. - rs, err := query.Eval(ctx, rego.EvalInput(data)) - if err != nil { - return nil, err - } - - log.Debug().Msgf("result %#v", rs) - - return rs[0].Bindings, nil -} From 4e3de6c0629274ea6c50fd89ed44211036f315e7 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 13:18:40 +0100 Subject: [PATCH 05/15] fix: remove comment --- pkg/commands/process/settings/settings.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkg/commands/process/settings/settings.go b/pkg/commands/process/settings/settings.go index 3a2c0de02..17175e592 100644 --- a/pkg/commands/process/settings/settings.go +++ b/pkg/commands/process/settings/settings.go @@ -94,8 +94,6 @@ func FromOptions(opts flag.Options) (Config, error) { } } - // | warning | logger leaks | Logger leaks detected | location1, location2 - config := Config{ Worker: opts.WorkerOptions, CustomDetector: rules, From e94232f731521920294e1a4f010447b26d9996d4 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 13:21:07 +0100 Subject: [PATCH 06/15] docs: update commands documentation --- pkg/flag/report_flags.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/flag/report_flags.go b/pkg/flag/report_flags.go index 62d3d9fca..8b6f2736d 100644 --- a/pkg/flag/report_flags.go +++ b/pkg/flag/report_flags.go @@ -23,7 +23,7 @@ var ( Name: "report", ConfigName: "report.report", Value: ReportDetectors, - Usage: "specify the kind of report (detectors, dataflow)", + Usage: "specify the kind of report (detectors, dataflow, policies)", } OutputFlag = Flag{ Name: "output", From 9f0b0035fe33f05b3ea611859e825168001a6042 Mon Sep 17 00:00:00 2001 From: Vjeran Fistric <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:06:00 +0100 Subject: [PATCH 07/15] Update pkg/classification/dependencies/dependencies.go MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Cédric Fabianski --- pkg/classification/dependencies/dependencies.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/classification/dependencies/dependencies.go b/pkg/classification/dependencies/dependencies.go index ad994eeb2..50fb295ba 100644 --- a/pkg/classification/dependencies/dependencies.go +++ b/pkg/classification/dependencies/dependencies.go @@ -17,7 +17,7 @@ type ClassifiedDependency struct { type Classification struct { RecipeMatch bool `json:"recipe_match"` RecipeName string `json:"recipe_name,omitempty"` - Decision classify.ClassificationDecision `json:"descision"` + Decision classify.ClassificationDecision `json:"decision"` } type Classifier struct { From 23f4e6d31fba47598f2e11ec2413b2685980d0c6 Mon Sep 17 00:00:00 2001 From: Vjeran Fistric <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:06:35 +0100 Subject: [PATCH 08/15] Update pkg/report/output/output.go MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Cédric Fabianski --- pkg/report/output/output.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go index 969ddcb25..020f4ce56 100644 --- a/pkg/report/output/output.go +++ b/pkg/report/output/output.go @@ -70,7 +70,7 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { return nil, err } - return ouputDetections, nil + return outputDetections, nil } else if config.Report.Report == flag.ReportPolicies { detections, err := GetDetectorsOutput(report) From a6221d1ade2ea1830606207ccfcdcaa0d6af300a Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:09:46 +0100 Subject: [PATCH 09/15] fix: report output --- pkg/report/output/output.go | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go index 020f4ce56..44671cda3 100644 --- a/pkg/report/output/output.go +++ b/pkg/report/output/output.go @@ -2,6 +2,7 @@ package output import ( "encoding/json" + "errors" "fmt" "os" @@ -17,6 +18,8 @@ import ( "github.com/wlredeye/jsonlines" ) +var ErrUndefinedFormat = errors.New("undefined output format") + func ReportJSON(report types.Report, output *zerolog.Event, config settings.Config) error { ouputDetections, err := getReportOutput(report, config) if err != nil { @@ -50,27 +53,15 @@ func ReportYAML(report types.Report, output *zerolog.Event, config settings.Conf } func getReportOutput(report types.Report, config settings.Config) (any, error) { - var ouputDetections any - var err error - if config.Report.Report == flag.ReportDetectors { - ouputDetections, err = GetDetectorsOutput(report) - if err != nil { - return nil, err - } + return GetDetectorsOutput(report) } else if config.Report.Report == flag.ReportDataFlow { detections, err := GetDetectorsOutput(report) if err != nil { return nil, err } - ouputDetections, err = dataflow.GetOuput(detections, config) - // output, err := policies.GetDataflow(detections) - if err != nil { - return nil, err - } - - return outputDetections, nil + return dataflow.GetOuput(detections, config) } else if config.Report.Report == flag.ReportPolicies { detections, err := GetDetectorsOutput(report) @@ -83,16 +74,10 @@ func getReportOutput(report types.Report, config settings.Config) (any, error) { return nil, err } - data, err := policies.GetPolicies(policiesData, config) - if err != nil { - return nil, err - } - - return data, err - // log.Debug().Msgf("%s", data) + return policies.GetPolicies(policiesData, config) } - return nil, nil + return nil, ErrUndefinedFormat } func GetDetectorsOutput(report types.Report) ([]interface{}, error) { From 8d29ce4a413dc418837a742d76b2988b94b156f5 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:18:56 +0100 Subject: [PATCH 10/15] chore: fix output file --- pkg/report/output/output.go | 27 ++++++++++++-------------- pkg/report/output/policies/policies.go | 2 +- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/pkg/report/output/output.go b/pkg/report/output/output.go index d92c5c409..8670e8b7a 100644 --- a/pkg/report/output/output.go +++ b/pkg/report/output/output.go @@ -8,6 +8,9 @@ import ( "github.com/bearer/curio/pkg/commands/process/settings" "github.com/bearer/curio/pkg/flag" "github.com/bearer/curio/pkg/report/output/dataflow" + "github.com/bearer/curio/pkg/report/output/detectors" + "github.com/bearer/curio/pkg/report/output/policies" + "github.com/bearer/curio/pkg/report/output/stats" "github.com/bearer/curio/pkg/types" "gopkg.in/yaml.v3" @@ -50,51 +53,45 @@ func ReportYAML(report types.Report, output *zerolog.Event, config settings.Conf func getReportOutput(report types.Report, config settings.Config) (any, error) { if config.Report.Report == flag.ReportDetectors { - return GetDetectorsOutput(report) + return detectors.GetOutput(report) } else if config.Report.Report == flag.ReportDataFlow { - detections, err := GetDetectorsOutput(report) + detections, err := detectors.GetOutput(report) if err != nil { return nil, err } - return dataflow.GetOuput(detections, config) + return dataflow.GetOutput(detections, config) } else if config.Report.Report == flag.ReportPolicies { - detections, err := GetDetectorsOutput(report) + detections, err := detectors.GetOutput(report) if err != nil { return nil, err } - policiesData, err := dataflow.GetOuput(detections, config) + dataflow, err := dataflow.GetOutput(detections, config) if err != nil { return nil, err } + + return policies.GetOutput(dataflow, config) } else if config.Report.Report == flag.ReportStats { lineOfCodeOutput, err := stats.GoclocDetectorOutput(config.Scan.Target) if err != nil { return nil, err } - return policies.GetPolicies(policiesData, config) - } - detectorsOutput, err := detectors.GetOutput(report) if err != nil { return nil, err } - return nil, ErrUndefinedFormat -} dataflowOutput, err := dataflow.GetOutput(detectorsOutput, config) if err != nil { return nil, err } - output, err = stats.GetOutput(lineOfCodeOutput, dataflowOutput, config) - if err != nil { - return nil, err - } + return stats.GetOutput(lineOfCodeOutput, dataflowOutput, config) } - return output, nil + return nil, ErrUndefinedFormat } diff --git a/pkg/report/output/policies/policies.go b/pkg/report/output/policies/policies.go index ad4d36319..2e63eb45f 100644 --- a/pkg/report/output/policies/policies.go +++ b/pkg/report/output/policies/policies.go @@ -9,7 +9,7 @@ import ( "github.com/rs/zerolog/log" ) -func GetPolicies(dataflow *dataflow.DataFlow, config settings.Config) ([]rego.Vars, error) { +func GetOutput(dataflow *dataflow.DataFlow, config settings.Config) ([]rego.Vars, error) { ctx := context.TODO() var result []rego.Vars From cb594ece8be93fb261479dc71c701b3f665c9a1b Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:19:55 +0100 Subject: [PATCH 11/15] docs: update docs --- pkg/flag/report_flags.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/flag/report_flags.go b/pkg/flag/report_flags.go index 7c0ad0890..191700bb2 100644 --- a/pkg/flag/report_flags.go +++ b/pkg/flag/report_flags.go @@ -24,7 +24,7 @@ var ( Name: "report", ConfigName: "report.report", Value: ReportDetectors, - Usage: "specify the kind of report (detectors, dataflow)", + Usage: "specify the kind of report (detectors, dataflow, policies, stats)", } OutputFlag = Flag{ Name: "output", From 8904a084e0502bbb70586ceadfa972e608aea957 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:24:22 +0100 Subject: [PATCH 12/15] test: update tests --- .../flags/.snapshots/TestInitCommand-init | 2 +- .../.snapshots/TestMetadataFlags-help-scan | 2 +- .../.snapshots/TestMetadataFlags-scan-help | 2 +- ...TestReportFlags-domain-resolution-disabled | 2 +- .../.snapshots/TestReportFlags-format-json | 2 +- .../.snapshots/TestReportFlags-format-yaml | 58 ------------------- .../.snapshots/TestReportFlags-health-context | 2 +- .../flags/.snapshots/TestReportFlags-output | 2 +- .../TestReportFlags-report-detectors | 2 +- .../.snapshots/TestReportFlags-skipped-paths | 2 +- 10 files changed, 9 insertions(+), 67 deletions(-) diff --git a/integration/flags/.snapshots/TestInitCommand-init b/integration/flags/.snapshots/TestInitCommand-init index 1ad1ea6ec..492f98861 100644 --- a/integration/flags/.snapshots/TestInitCommand-init +++ b/integration/flags/.snapshots/TestInitCommand-init @@ -11,7 +11,7 @@ scan: - ruby patterns: - | - log.info(<$ARGUMENT>) + logger.info(<$ARGUMENT>) param_parenting: false metavars: {} stored: false diff --git a/integration/flags/.snapshots/TestMetadataFlags-help-scan b/integration/flags/.snapshots/TestMetadataFlags-help-scan index 28845ae1b..69f492fe2 100644 --- a/integration/flags/.snapshots/TestMetadataFlags-help-scan +++ b/integration/flags/.snapshots/TestMetadataFlags-help-scan @@ -35,7 +35,7 @@ Worker Flags Report Flags -f, --format string format (json, yaml) (default "json") --output string path where to save report - --report string specify the kind of report (detectors, dataflow, stats) (default "detectors") + --report string specify the kind of report (detectors, dataflow, policies, stats) (default "detectors") General Flags --config-file string file from which to load configurations diff --git a/integration/flags/.snapshots/TestMetadataFlags-scan-help b/integration/flags/.snapshots/TestMetadataFlags-scan-help index 28845ae1b..69f492fe2 100644 --- a/integration/flags/.snapshots/TestMetadataFlags-scan-help +++ b/integration/flags/.snapshots/TestMetadataFlags-scan-help @@ -35,7 +35,7 @@ Worker Flags Report Flags -f, --format string format (json, yaml) (default "json") --output string path where to save report - --report string specify the kind of report (detectors, dataflow, stats) (default "detectors") + --report string specify the kind of report (detectors, dataflow, policies, stats) (default "detectors") General Flags --config-file string file from which to load configurations diff --git a/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled b/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled index a7278968c..a7273c34f 100644 --- a/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled +++ b/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled @@ -1,4 +1,4 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-format-json b/integration/flags/.snapshots/TestReportFlags-format-json index a7278968c..a7273c34f 100644 --- a/integration/flags/.snapshots/TestReportFlags-format-json +++ b/integration/flags/.snapshots/TestReportFlags-format-json @@ -1,4 +1,4 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-format-yaml b/integration/flags/.snapshots/TestReportFlags-format-yaml index 0682529ac..6797e0ec0 100644 --- a/integration/flags/.snapshots/TestReportFlags-format-yaml +++ b/integration/flags/.snapshots/TestReportFlags-format-yaml @@ -1,61 +1,3 @@ -- detector_type: detect_ruby_logger - source: - column_number: 1 - filename: main.rb - language: Ruby - language_type: programming - line_number: 1 - text: null - type: custom_classified - value: - classification: - data_type: - data_category_name: Unique Identifier - default_category: Identification - id: 86 - uuid: 12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9 - decision: - reason: valid_object_with_invalid_properties - state: invalid - name: user - field_name: user - field_type: "" - field_type_simple: unknown - object_name: "" -- detector_type: detect_ruby_logger - source: - column_number: 6 - filename: main.rb - language: Ruby - language_type: programming - line_number: 1 - text: null - type: custom_classified - value: - classification: - decision: - reason: invalid_property - state: invalid - name: something - field_name: something - field_type: "" - field_type_simple: unknown - object_name: user -- detector_type: detect_ruby_logger - source: - column_number: 16 - filename: main.rb - language: Ruby - language_type: programming - line_number: 1 - text: null - type: custom_classified - value: - classification: null - field_name: something3 - field_type: "" - field_type_simple: unknown - object_name: something - detector_type: ruby source: column_number: 5 diff --git a/integration/flags/.snapshots/TestReportFlags-health-context b/integration/flags/.snapshots/TestReportFlags-health-context index a7278968c..a7273c34f 100644 --- a/integration/flags/.snapshots/TestReportFlags-health-context +++ b/integration/flags/.snapshots/TestReportFlags-health-context @@ -1,4 +1,4 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-output b/integration/flags/.snapshots/TestReportFlags-output index 5eb891574..f4195eace 100644 --- a/integration/flags/.snapshots/TestReportFlags-output +++ b/integration/flags/.snapshots/TestReportFlags-output @@ -1,2 +1,2 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] diff --git a/integration/flags/.snapshots/TestReportFlags-report-detectors b/integration/flags/.snapshots/TestReportFlags-report-detectors index a7278968c..a7273c34f 100644 --- a/integration/flags/.snapshots/TestReportFlags-report-detectors +++ b/integration/flags/.snapshots/TestReportFlags-report-detectors @@ -1,4 +1,4 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-skipped-paths b/integration/flags/.snapshots/TestReportFlags-skipped-paths index a7278968c..a7273c34f 100644 --- a/integration/flags/.snapshots/TestReportFlags-skipped-paths +++ b/integration/flags/.snapshots/TestReportFlags-skipped-paths @@ -1,4 +1,4 @@ -[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- From 8674693b82d2d0f0d2790d73658206992a3bdb74 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 14:29:13 +0100 Subject: [PATCH 13/15] test: update tests --- ...TestReportFlags-domain-resolution-disabled | 2 +- .../.snapshots/TestReportFlags-format-json | 2 +- .../.snapshots/TestReportFlags-format-yaml | 66 +++++++++++++++++-- .../.snapshots/TestReportFlags-health-context | 2 +- .../flags/.snapshots/TestReportFlags-output | 2 +- .../TestReportFlags-report-detectors | 2 +- .../.snapshots/TestReportFlags-skipped-paths | 2 +- integration/flags/testdata/simple/main.rb | 2 +- 8 files changed, 69 insertions(+), 11 deletions(-) diff --git a/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled b/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled index a7273c34f..a7438dea4 100644 --- a/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled +++ b/integration/flags/.snapshots/TestReportFlags-domain-resolution-disabled @@ -1,4 +1,4 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-format-json b/integration/flags/.snapshots/TestReportFlags-format-json index a7273c34f..a7438dea4 100644 --- a/integration/flags/.snapshots/TestReportFlags-format-json +++ b/integration/flags/.snapshots/TestReportFlags-format-json @@ -1,4 +1,4 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-format-yaml b/integration/flags/.snapshots/TestReportFlags-format-yaml index 6797e0ec0..2c9b3b023 100644 --- a/integration/flags/.snapshots/TestReportFlags-format-yaml +++ b/integration/flags/.snapshots/TestReportFlags-format-yaml @@ -1,6 +1,64 @@ +- detector_type: detect_ruby_logger + source: + column_number: 1 + filename: main.rb + language: Ruby + language_type: programming + line_number: 1 + text: null + type: custom_classified + value: + classification: + data_type: + data_category_name: Unique Identifier + default_category: Identification + id: 86 + uuid: 12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9 + decision: + reason: valid_object_with_invalid_properties + state: invalid + name: user + field_name: user + field_type: "" + field_type_simple: unknown + object_name: "" +- detector_type: detect_ruby_logger + source: + column_number: 6 + filename: main.rb + language: Ruby + language_type: programming + line_number: 1 + text: null + type: custom_classified + value: + classification: + decision: + reason: invalid_property + state: invalid + name: something + field_name: something + field_type: "" + field_type_simple: unknown + object_name: user +- detector_type: detect_ruby_logger + source: + column_number: 16 + filename: main.rb + language: Ruby + language_type: programming + line_number: 1 + text: null + type: custom_classified + value: + classification: null + field_name: something3 + field_type: "" + field_type_simple: unknown + object_name: something - detector_type: ruby source: - column_number: 5 + column_number: 8 filename: main.rb language: Ruby language_type: programming @@ -12,10 +70,10 @@ field_name: info field_type: "" field_type_simple: unknown - object_name: log + object_name: logger - detector_type: ruby source: - column_number: 26 + column_number: 29 filename: main.rb language: Ruby language_type: programming @@ -34,7 +92,7 @@ object_name: user - detector_type: ruby source: - column_number: 36 + column_number: 39 filename: main.rb language: Ruby language_type: programming diff --git a/integration/flags/.snapshots/TestReportFlags-health-context b/integration/flags/.snapshots/TestReportFlags-health-context index a7273c34f..a7438dea4 100644 --- a/integration/flags/.snapshots/TestReportFlags-health-context +++ b/integration/flags/.snapshots/TestReportFlags-health-context @@ -1,4 +1,4 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-output b/integration/flags/.snapshots/TestReportFlags-output index f4195eace..58a98a1dd 100644 --- a/integration/flags/.snapshots/TestReportFlags-output +++ b/integration/flags/.snapshots/TestReportFlags-output @@ -1,2 +1,2 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] diff --git a/integration/flags/.snapshots/TestReportFlags-report-detectors b/integration/flags/.snapshots/TestReportFlags-report-detectors index a7273c34f..a7438dea4 100644 --- a/integration/flags/.snapshots/TestReportFlags-report-detectors +++ b/integration/flags/.snapshots/TestReportFlags-report-detectors @@ -1,4 +1,4 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/.snapshots/TestReportFlags-skipped-paths b/integration/flags/.snapshots/TestReportFlags-skipped-paths index a7273c34f..a7438dea4 100644 --- a/integration/flags/.snapshots/TestReportFlags-skipped-paths +++ b/integration/flags/.snapshots/TestReportFlags-skipped-paths @@ -1,4 +1,4 @@ -[{"detector_type":"ruby","source":{"column_number":5,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"log"}},{"detector_type":"ruby","source":{"column_number":26,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":36,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] +[{"detector_type":"detect_ruby_logger","source":{"column_number":1,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"data_type":{"data_category_name":"Unique Identifier","default_category":"Identification","id":86,"uuid":"12d44ae0-1df7-4faf-9fb1-b46cc4b4dce9"},"decision":{"reason":"valid_object_with_invalid_properties","state":"invalid"},"name":"user"},"field_name":"user","field_type":"","field_type_simple":"unknown","object_name":""}},{"detector_type":"detect_ruby_logger","source":{"column_number":6,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"detect_ruby_logger","source":{"column_number":16,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"custom_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":8,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":29,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":39,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":1,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}},{"detector_type":"ruby","source":{"column_number":14,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"info","field_type":"","field_type_simple":"unknown","object_name":"logger"}},{"detector_type":"ruby","source":{"column_number":24,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":{"decision":{"reason":"invalid_property","state":"invalid"},"name":"something"},"field_name":"something","field_type":"","field_type_simple":"unknown","object_name":"user"}},{"detector_type":"ruby","source":{"column_number":34,"filename":"main.rb","language":"Ruby","language_type":"programming","line_number":3,"text":null},"type":"schema_classified","value":{"classification":null,"field_name":"something3","field_type":"","field_type_simple":"unknown","object_name":"something"}}] -- diff --git a/integration/flags/testdata/simple/main.rb b/integration/flags/testdata/simple/main.rb index c00d8c5a8..f0c6e1223 100644 --- a/integration/flags/testdata/simple/main.rb +++ b/integration/flags/testdata/simple/main.rb @@ -1,3 +1,3 @@ -log.info('testing', user.something.something3) +logger.info('testing', user.something.something3) Rails.logger.info(user.something.something3) \ No newline at end of file From 17dacbc1215b44686c7c0fc47e8b9cb4cb1ccd22 Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 16:59:33 +0100 Subject: [PATCH 14/15] test: add test for policies --- .../TestReportFlags-report-policies | 8 ++++++ integration/flags/init_test.go | 2 +- integration/flags/metadata_flags_test.go | 10 ++++---- integration/flags/report_flags_test.go | 25 +++++++++++-------- integration/flags/testdata/policies/users.rb | 1 + integration/internal/testhelper/testhelper.go | 10 ++++---- 6 files changed, 35 insertions(+), 21 deletions(-) create mode 100644 integration/flags/.snapshots/TestReportFlags-report-policies create mode 100644 integration/flags/testdata/policies/users.rb diff --git a/integration/flags/.snapshots/TestReportFlags-report-policies b/integration/flags/.snapshots/TestReportFlags-report-policies new file mode 100644 index 000000000..1abf77bc2 --- /dev/null +++ b/integration/flags/.snapshots/TestReportFlags-report-policies @@ -0,0 +1,8 @@ +- level: warning + locations: + - filename: users.rb + line_number: "1" + + +-- + diff --git a/integration/flags/init_test.go b/integration/flags/init_test.go index 621426756..b7c4c29da 100644 --- a/integration/flags/init_test.go +++ b/integration/flags/init_test.go @@ -13,7 +13,7 @@ func TestInitCommand(t *testing.T) { } testCase := testhelper.NewTestCase("init", []string{"init"}, options) - tests := []testhelper.TestCase{*testCase} + tests := []testhelper.TestCase{testCase} testhelper.RunTests(t, tests) } diff --git a/integration/flags/metadata_flags_test.go b/integration/flags/metadata_flags_test.go index 49f7d524f..e0afac52f 100644 --- a/integration/flags/metadata_flags_test.go +++ b/integration/flags/metadata_flags_test.go @@ -6,16 +6,16 @@ import ( "github.com/bearer/curio/integration/internal/testhelper" ) -func newMetadataTest(name string, arguments []string) *testhelper.TestCase { +func newMetadataTest(name string, arguments []string) testhelper.TestCase { return testhelper.NewTestCase(name, arguments, testhelper.TestCaseOptions{}) } func TestMetadataFlags(t *testing.T) { tests := []testhelper.TestCase{ - *newMetadataTest("help", []string{"help"}), - *newMetadataTest("version", []string{"version"}), - *newMetadataTest("scan-help", []string{"scan", "--help"}), - *newMetadataTest("help-scan", []string{"help", "scan"}), + newMetadataTest("help", []string{"help"}), + newMetadataTest("version", []string{"version"}), + newMetadataTest("scan-help", []string{"scan", "--help"}), + newMetadataTest("help-scan", []string{"help", "scan"}), } testhelper.RunTests(t, tests) diff --git a/integration/flags/report_flags_test.go b/integration/flags/report_flags_test.go index 4df7f328f..d29c9080b 100644 --- a/integration/flags/report_flags_test.go +++ b/integration/flags/report_flags_test.go @@ -9,8 +9,12 @@ import ( "github.com/bearer/curio/pkg/util/tmpfile" ) -func newScanTest(name string, arguments []string, outputPath string) *testhelper.TestCase { - arguments = append([]string{"scan", filepath.Join("testdata", "simple")}, arguments...) +func newScanTest(name string, arguments []string, outputPath string) testhelper.TestCase { + return newScanProject(name, arguments, outputPath, "simple") +} + +func newScanProject(name string, arguments []string, outputPath string, projectpath string) testhelper.TestCase { + arguments = append([]string{"scan", filepath.Join("testdata", projectpath)}, arguments...) options := testhelper.TestCaseOptions{ OutputPath: outputPath, StartWorker: true, @@ -25,14 +29,15 @@ func TestReportFlags(t *testing.T) { }) tests := []testhelper.TestCase{ - *newScanTest("format-json", []string{"--format=json"}, ""), - *newScanTest("format-yaml", []string{"--format=yaml"}, ""), - *newScanTest("report-detectors", []string{"--report=detectors"}, ""), - *newScanTest("report-dataflow", []string{"--report=dataflow"}, ""), - *newScanTest("output", []string{"--output=" + outputPath}, outputPath), - *newScanTest("health-context", []string{"--context=health"}, ""), - *newScanTest("domain-resolution-disabled", []string{"--disable-domain-resolution=true"}, ""), - *newScanTest("skipped-paths", []string{"--skip-path=\"users/*.go,users/admin.sql\""}, ""), + newScanTest("format-json", []string{"--format=json"}, ""), + newScanTest("format-yaml", []string{"--format=yaml"}, ""), + newScanTest("report-detectors", []string{"--report=detectors"}, ""), + newScanTest("report-dataflow", []string{"--report=dataflow"}, ""), + newScanProject("report-policies", []string{"--report=policies", "--format=yaml"}, "", "policies"), + newScanTest("output", []string{"--output=" + outputPath}, outputPath), + newScanTest("health-context", []string{"--context=health"}, ""), + newScanTest("domain-resolution-disabled", []string{"--disable-domain-resolution=true"}, ""), + newScanTest("skipped-paths", []string{"--skip-path=\"users/*.go,users/admin.sql\""}, ""), } testhelper.RunTests(t, tests) diff --git a/integration/flags/testdata/policies/users.rb b/integration/flags/testdata/policies/users.rb new file mode 100644 index 000000000..65959111b --- /dev/null +++ b/integration/flags/testdata/policies/users.rb @@ -0,0 +1 @@ +logger.info(user.address) \ No newline at end of file diff --git a/integration/internal/testhelper/testhelper.go b/integration/internal/testhelper/testhelper.go index 0d1a0d395..6808aed9b 100644 --- a/integration/internal/testhelper/testhelper.go +++ b/integration/internal/testhelper/testhelper.go @@ -24,13 +24,13 @@ type TestCase struct { } type TestCaseOptions struct { - RunInTempDir bool - OutputPath string - StartWorker bool + RunInTempDir bool + OutputPath string + StartWorker bool } -func NewTestCase(name string, arguments []string, options TestCaseOptions) *TestCase { - return &TestCase{ +func NewTestCase(name string, arguments []string, options TestCaseOptions) TestCase { + return TestCase{ name: name, arguments: arguments, shouldSucceed: true, From 965a56a000d8639038563fed6e6a20c85b0db4cd Mon Sep 17 00:00:00 2001 From: vjerci <27707350+vjerci@users.noreply.github.com> Date: Tue, 15 Nov 2022 16:59:54 +0100 Subject: [PATCH 15/15] fix: split query into 2 lines --- pkg/commands/process/settings/policies.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkg/commands/process/settings/policies.yml b/pkg/commands/process/settings/policies.yml index 4517edbc3..e5202c3df 100644 --- a/pkg/commands/process/settings/policies.yml +++ b/pkg/commands/process/settings/policies.yml @@ -1,7 +1,9 @@ logger_leaks: message: "Logger leaks detected" level: "warning" - query: "level = data.bearer.logger_leaks.level; locations = data.bearer.logger_leaks.locations" + query: | + level = data.bearer.logger_leaks.level + locations = data.bearer.logger_leaks.locations modules: - path: policies/logger_leaks.rego name: bearer.logger_leaks