-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🎉 Have checkov be callable from Python #774
🎉 Have checkov be callable from Python #774
Conversation
checkov/main.py
Outdated
parser = argparse.ArgumentParser(description='Infrastructure as code static analysis') | ||
add_parser_args(parser) | ||
args = parser.parse_args() | ||
args = parser.parse_args(argv or ['--help']) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if we want the or ['--help']
I normally find it useful, but up to you
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, Haven't worked that way in the past.
@KevinHock Can you elaborate on what it means?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll change this back to what it was
It turns out calling checkov
with no args gives the following, which we wouldn't want to override with --help
:
% checkov
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By bridgecrew.io | version: 1.0.695
Visualize and collaborate on security issues with Bridgecrew!
Bridgecrew's dashboard allows automation of future checks, Pull Request scanning and auto-comments, automatic remidiation PR's and more!
Plus it's free for 100 cloud resources and a great way to visualize and collaborate on Checkov results. For more information on dashboard integration, see: http://bridge.dev/checkov-dashboard
To instantly see future Checkov scans in the platform, Press y!
Visualize results? (y/n): y
Email Address?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I pip install -e .
d the version I have now and got the following, which we could override with --help
automatically if we wanted to:
% checkov
_ _
___| |__ ___ ___| | _______ __
/ __| '_ \ / _ \/ __| |/ / _ \ \ / /
| (__| | | | __/ (__| < (_) \ V /
\___|_| |_|\___|\___|_|\_\___/ \_/
By bridgecrew.io | version: 1.0.693
Update available 1.0.693 → 1.0.695
Run pip3 install -U checkov to update
No argument given. Try ` --help` for further information
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@KevinHock we should keep the current behaviour of when no args are given (prompt to integrate into bridgecrew platform).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, I've removed, sgtm, thanks!
b8e1c5e
to
dc9587c
Compare
removed the --help |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested in local environments, looks good to me keeping zero default args, thanks @KevinHock 👍
Thank you @KevinHock @metahertz |
* Functioning --quiet for -o json. Needs tests, looking at #774 for callable unit test and passing in cli params * added integration test for -o json --quiet
* Functioning --quiet for -o json. Needs tests, looking at #774 for callable unit test and passing in cli params * added integration test for -o json --quiet
Solves #530
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.