Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore is not working correctly on YAML files #6599

Closed
felipeng opened this issue Aug 3, 2023 · 0 comments · Fixed by #6611
Closed

Ignore is not working correctly on YAML files #6599

felipeng opened this issue Aug 3, 2023 · 0 comments · Fixed by #6611
Labels
bug Something isn't working community Community contribution kubernetes Kubernetes query

Comments

@felipeng
Copy link

felipeng commented Aug 3, 2023

Steps to Reproduce the Problem

  1. Create a new helm-chart: helm create test
  2. Add volumes on test/templates/deployment.yaml:
          volumeMounts:
          - name: dir1
            mountPath: /var/dir1
      volumes:
      - name: dir1
        emptyDir: {}
  1. Run kics: kics scan -t Kubernetes -p test/ -i b7652612-de4e-4466-a0bf-1cd81f0c6063

Test environment validated, KICS is identifying the issue

Ignoring the query

Ignoring the whole file (not working)

  1. Added the following text on the top of test/templates/deployment.yaml
---
# kics-scan ignore
  1. Run kics: kics scan -t Kubernetes -p test/ -i b7652612-de4e-4466-a0bf-1cd81f0c6063
  2. KICS doesn't ignore the query

Disabling the query b7652612-de4e-4466-a0bf-1cd81f0c6063 (not working)

  1. Added the following text on the top of test/templates/deployment.yaml
---
# kics-scan disable=b7652612-de4e-4466-a0bf-1cd81f0c6063
  1. Run kics: kics scan -t Kubernetes -p test/ -i b7652612-de4e-4466-a0bf-1cd81f0c6063
  2. KICS doesn't ignore the query

Ignore block (partially working)

  1. Added the ignore-block on test/templates/deployment.yaml
          # kics-scan ignore-block
          volumeMounts:
          - name: dir1
            mountPath: /var/dir1
  1. Run kics: kics scan -t Kubernetes -p test/ -i b7652612-de4e-4466-a0bf-1cd81f0c6063
  2. KICS ignore the query, working!
  3. However if the volumeMounts has multiple volumes, don't work. Example:
          # kics-scan ignore-block
          volumeMounts:
          - name: dir1
            mountPath: /var/dir1
          - name: dir2
            mountPath: /var/dir2
      volumes:
      - name: dir1
        emptyDir: {}
      - name: dir2
        emptyDir: {}

Specifications

  • Version: 1.7.5

Specifications

  • Version: 1.7.5
@felipeng felipeng added bug Something isn't working community Community contribution labels Aug 3, 2023
@github-actions github-actions bot added query New query feature kubernetes Kubernetes query and removed bug Something isn't working labels Aug 3, 2023
@freitasmillena freitasmillena added bug Something isn't working and removed query New query feature labels Aug 3, 2023
@cx-henriqueAlvelos cx-henriqueAlvelos linked a pull request Aug 5, 2023 that will close this issue
fix(query): countLines, IgnoreLines and fileCommands #6611
Merged
@cx-henriqueAlvelos cx-henriqueAlvelos mentioned this issue Aug 5, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working community Community contribution kubernetes Kubernetes query
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(query): countLines, IgnoreLines and fileCommands Checkmarx/kics
2 participants
@felipeng @freitasmillena