Really poor documentation....? #94

Open
evmimagina opened this issue Dec 20, 2023 · 2 comments

@evmimagina

Almost nothing else to say, it's quite clear to anyone that hits this product and its repo.

Let me explain why its poor documentation is very disappointing, considering that this is a product that costs money.

A few examples:

  • Where would it be convenient to set the task to be executed? (first task, last one, somewhere in the middle?)
  • Categories and/or tools, which one should be used and under which circumstances?
  • How to configure parameters as environment variables? The wiki page doesn't explain how to do it properly without breaking things. What is the GDN_ (optional) prefix intended for?
  • How to use it?? E.g.:
    - task: MicrosoftSecurityDevOps@1
      displayName: Microsoft Security DevOps
      env:
        Terrascan_IacDir: '$(build.artifactstagingdirectory)/$(ENV)'

As per the documentation, this config should be correct? Because it fails with the following error:

    The target directory is not provided. Defaults to the working directory: /home/vsts/work/1/s.
    The platform is not provided. Defaults to the current OS: Linux.
    Starting tools applicability analysis...
    Tools Applicability Infomation:
    Found no applicable tools.

    Completed tools applicability analysis.
    ##[error]RunCommandNoOptionsException: No applicable tools were detected. Run requires at least one configuration to run. Provide at least one Guardian config or tool with --config or --tool.
    ##[error]MSDO CLI exited with an error exit code: 2

Oh, wait! If I do this, it works!

    - task: MicrosoftSecurityDevOps@1
      displayName: Microsoft Security DevOps
      env:
        Terrascan_IacDir: '$(build.artifactstagingdirectory)/$(ENV)'
      inputs:
        command: 'run'
        break: true
        categories: 'IaC,secrets,code'
        tools: 'terrascan'

But I'm still not sure if I should use categories, tools or both.

Do you see my concerns?

I hope you can address the documentation gap ASAP.

Many thanks and best regards,

@ncook-hxgn

Also, please provide some sample config for each tool as a JSON file: we had to find out about the msdo-linux file the hard way. Today I will probably spend literal hours trying to extend my colleagues' config to just run binskim.

So much potential here.

@michasacuer

Same issue with the Checkov config... The JSON file from the wiki is wrong and the parameters do not align with Checkov; for example, Directory should be a TargetDirectory.
