feat: load compliance report fs

Signed-off-by: chenk <hen.keinan@gmail.com>
aquasecurity · Nov 20, 2022 · 77251fd · 77251fd
1 parent d321ba4
commit 77251fd
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/docs/docs/kubernetes/cli/compliance.md b/docs/docs/kubernetes/cli/compliance.md
@@ -88,7 +88,7 @@ spec:
   title: nsa # report title 
   description: National Security Agency - Kubernetes Hardening Guidance # description of the report
   relatedResources :
-    - https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/ # refreance is related to public or internal spec
+    - https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/ # reference is related to public or internal spec
   version: "1.0" # spec version
   controls:
     - name: Non-root containers # short control naming
@@ -107,7 +107,7 @@ spec:
 
 ## Custom report CLI Commands
 
-To generate the custom report an custom spec file path should be passed to the trivy command with `@` prefix as follow:
+To generate the custom report, an custom spec file path should be passed to the `--compliance` flag with `@` prefix as follow:
 
 
 ```

diff --git a/pkg/compliance/spec/compliance.go b/pkg/compliance/spec/compliance.go
@@ -101,14 +101,14 @@ func securityCheckByCheckID(checkID string) types.SecurityCheck {
 }
 
 // GetComlianceSpec accepct compliance flag name/path and return builtin or file system loaded spec
-func GetComplianceSpec(specNameOrPath string) (string, error) {
+func GetComplianceSpec(specNameOrPath string) ([]byte, error) {
 	if strings.HasPrefix(specNameOrPath, "@") {
 		buf, err := os.ReadFile(strings.TrimPrefix(specNameOrPath, "@"))
 		if err != nil {
-			return "", fmt.Errorf("error retrieving compliance spec from path: %w", err)
+			return []byte{}, fmt.Errorf("error retrieving compliance spec from path: %w", err)
 		}
-		return string(buf), nil
+		return buf, nil
 	}
-	return sp.NewSpecLoader().GetSpecByName(specNameOrPath), nil
+	return []byte(sp.NewSpecLoader().GetSpecByName(specNameOrPath)), nil
 
 }
diff --git a/pkg/k8s/commands/run.go b/pkg/k8s/commands/run.go
@@ -87,7 +87,7 @@ func (r *runner) run(ctx context.Context, artifacts []*artifacts.Artifact) error
 		if err != nil {
 			return xerrors.Errorf("spec loading from file system error: %w", err)
 		}
-		if err = yaml.Unmarshal([]byte(cs), &complianceSpec); err != nil {
+		if err = yaml.Unmarshal(cs, &complianceSpec); err != nil {
 			return xerrors.Errorf("yaml unmarshal error: %w", err)
 		}
 		securityChecks, err := complianceSpec.SecurityChecks()