-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: Add documentation for contributing additional checks to the trivy policies repo #6234
Conversation
|
||
Now you'll need to update all of the adapters which populate the Foo provider struct. For example, if you want to support Terraform, you'll need to update `internal/adapters/terraform/foo/bar/adapt.go`. | ||
|
||
Finally, make sure you run make schema to generate the schema for your new service. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
explain what, who
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there's naturally some overlap between this and the other doc about custom checks. given the difference between them is only an extra step (do you want to contribute it or keep it to yourself), it highlights the inconsistency between the otherwise similar docs. for example, this doc basically documents how to write an AWS check, but I wouldn't think to read it if I didn't want to contribute to Trivy. If it's not too much, I would refactor the content into: 1) creating custom checks - should fully document all the guidelines related to the rego file, testing, metadata, AWS examples etc. this can be multiple docs if needed. 2) contributing a custom check to trivy - refers to the other doc and explains how to take a check you wrote (not explained here) and just contribute it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I rewrote it -- some components that are not relevant for anyone writing custom checks for their usage of Trivy are however a requirement when contributing the check back into Trivy
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a difference between
- Writing/Contributing Rego Checks
- Writing/Contributing Custom Compliance Reports
This docs is the first
d0fbeb9
to
d9a2ee3
Compare
3bbfe5f
to
c9255cd
Compare
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
3fbfa15
to
b5c7300
Compare
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
@AnaisUrlichs I updated the PR with some more changes around reference the checks repo, if you are done with pushing updates to it, I think we can merge this. |
The documentation is taken from the defsec repository and rewritten:
https://github.com/aquasecurity/defsec/blob/master/CONTRIBUTING.md