docs: Add documentation for contributing additional checks to the trivy policies repo #6234

Merged
merged 20 commits into from
May 22, 2024


AnaisUrlichs
Contributor

The documentation is taken from the defsec repository and rewritten:
https://github.com/aquasecurity/defsec/blob/master/CONTRIBUTING.md

docs/community/contribute/checks/overview.md (outdated, resolved)
docs/community/contribute/checks/service-support.md (outdated, resolved)

Now you'll need to update all of the adapters which populate the Foo provider struct. For example, if you want to support Terraform, you'll need to update `internal/adapters/terraform/foo/bar/adapt.go`.

Finally, make sure you run make schema to generate the schema for your new service.
Contributor

explain what, who

Contributor

There's naturally some overlap between this and the other doc about custom checks. Given the difference between them is only an extra step (do you want to contribute it or keep it to yourself), it highlights the inconsistency between the otherwise similar docs. For example, this doc basically documents how to write an AWS check, but I wouldn't think to read it if I didn't want to contribute to Trivy. If it's not too much, I would refactor the content into:

  1. Creating custom checks - should fully document all the guidelines related to the Rego file, testing, metadata, AWS examples etc. This can be multiple docs if needed.
  2. Contributing a custom check to Trivy - refers to the other doc and explains how to take a check you wrote (not explained here) and just contribute it.

Contributor Author

I rewrote it -- some components that are not relevant for anyone writing custom checks for their usage of Trivy are however a requirement when contributing the check back into Trivy

Contributor Author

There is a difference between

  1. Writing/Contributing Rego Checks
  2. Writing/Contributing Custom Compliance Reports

This doc is the first.

@AnaisUrlichs AnaisUrlichs force-pushed the checks-contrib-docs branch 2 times, most recently from 3bbfe5f to c9255cd Compare March 7, 2024 13:13
@AnaisUrlichs AnaisUrlichs requested review from simar7 and removed request for nikpivkin March 7, 2024 14:12
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
@simar7
Member

simar7 commented May 22, 2024

@AnaisUrlichs I updated the PR with some more changes around referencing the checks repo. If you are done with pushing updates to it, I think we can merge this.

@simar7 simar7 self-requested a review May 22, 2024 04:05
@itaysk itaysk added this pull request to the merge queue May 22, 2024
Merged via the queue into aquasecurity:main with commit 693d8c5 May 22, 2024
7 checks passed