Added support for remediation doc to regotools metadoc #352

Merged
merged 1 commit into from
Aug 17, 2022
27 changes: 15 additions & 12 deletions pkg/regotools/metadoc/metadoc.go
Expand Up @@ -44,13 +44,14 @@ type RegoMeta struct {
metadocEndLine int // End of metadoc, -1 if not present
metadoc map[string]interface{} // Dynamic metadoc

Id string
Title string
Description string
Severity string
Controls map[string][]string
Families []string
Providers []string
Id string
Title string
Description string
Severity string
Controls map[string][]string
Families []string
Providers []string
RuleRemediationDoc string

ResourceType string // Resource type
resourceTypeLine int
Expand All @@ -74,11 +75,12 @@ func RegoMetaFromPath(path string) (*RegoMeta, error) {
}

type metadocCustom struct {
Severity string `json:"severity"`
Controls map[string][]string `json:"controls"`
Families []string `json:"families"`
Provider string `json:"provider"`
Providers []string `json:"providers"`
Severity string `json:"severity"`
Controls map[string][]string `json:"controls"`
Families []string `json:"families"`
Provider string `json:"provider"`
Providers []string `json:"providers"`
RuleRemediationDoc string `json:"rule_remediation_doc"`
}

type metadoc struct {
Expand Down Expand Up @@ -193,6 +195,7 @@ func RegoMetaFromString(str string) (*RegoMeta, error) {
rego.Severity = metadoc.Custom.Severity
rego.Families = metadoc.Custom.Families
rego.Providers = metadoc.Custom.Providers
rego.RuleRemediationDoc = metadoc.Custom.RuleRemediationDoc

// Migrate old provider field.
if len(rego.Providers) == 0 && len(metadoc.Custom.Provider) != 0 {
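Review bot: `rego.RuleRemediationDoc = metadoc.Custom.RuleRemediationDoc` in RegoMetaFromString copies the `rule_remediation_doc` string from the rule's metadoc verbatim, so whatever a rule author writes there reaches every consumer of RegoMeta unchecked. The test data suggests the value is meant to be a URL; if a report or UI later renders it as a link, a malformed value or a scheme other than http/https would pass straight through. Consider validating at parse time (parse it with `net/url` and accept only `http`/`https` with a non-empty host), or at minimum document the contract on the struct field: `RuleRemediationDoc string // URL from custom.rule_remediation_doc; not validated, treat as untrusted input`. RegoMetaFromString's body starts and ends outside the hunk, so any validation that happens later in the function is not visible here.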
5 changes: 4 additions & 1 deletion pkg/regotools/metadoc/metadoc_test.go
Expand Up @@ -80,7 +80,8 @@ __rego__metadoc__ := {
"MyCustomFamily",
"1172ca4f-6d31-4c46-a085-54ff73c6ed27"
],
"provider": "AWS"
"provider": "AWS",
"rule_remediation_doc": "https://example.com/remediationdoc",
},
"description": "EBS volume encryption should be enabled. Enabling encryption on EBS volumes protects data at rest inside the volume, data in transit between the volume and the instance, snapshots created from the volume, and volumes created from those snapshots. EBS volumes are encrypted using KMS keys.",
"id": "FG_R00016",
Expand Down Expand Up @@ -113,6 +114,7 @@ allow {
},
rego.Controls)
assert.Equal(t, []string{"AWS"}, rego.Providers)
assert.Equal(t, "https://example.com/remediationdoc", rego.RuleRemediationDoc)

rego.Description = "Updated description"
rego.Severity = "Low"
Expand All @@ -139,6 +141,7 @@ __rego__metadoc__ := {
"AZURE",
"REPOSITORY"
],
"rule_remediation_doc": "https://example.com/remediationdoc",
"severity": "Low"
},
"description": "Updated description",
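Review bot: The round-trip part of this test never assigns `rego.RuleRemediationDoc`, so the `"rule_remediation_doc"` entry in the expected output of the last hunk only shows that the original value survives, not that an updated value is written back. No hunk in metadoc.go touches the code that serializes the metadoc, so the new field may be read-only in practice; the writer is outside this view, so that is an inference to confirm. Adding `rego.RuleRemediationDoc = "https://example.com/updated"` next to `rego.Severity = "Low"` and expecting that value in the output would settle it. A case whose metadoc has no `rule_remediation_doc` key, asserting `""`, would also pin the default for rules that predate the field.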