package auditor
import (
"os"
"go.uber.org/zap"
"gopkg.in/yaml.v3"
"github.com/webdevops/azure-auditor/auditor/validator"
)
// AuditConfig is the root document that ParseConfig unmarshals the YAML
// configuration into. Each field is bound to the YAML key named in its tag.
// All sections are pointers, so a section that is absent from the YAML
// stays nil.
type AuditConfig struct {
	RoleAssignments          *validator.AuditConfigValidation `yaml:"roleAssignments"`
	ResourceGroups           *validator.AuditConfigValidation `yaml:"resourceGroups"`
	ResourceProviders        *validator.AuditConfigValidation `yaml:"resourceProviders"`
	ResourceProviderFeatures *validator.AuditConfigValidation `yaml:"resourceProviderFeatures"`
	KeyvaultAccessPolicies   *validator.AuditConfigValidation `yaml:"keyvaultAccessPolicies"`

	ResourceGraph *AuditConfigResourceGraph `yaml:"resourceGraph"`
	LogAnalytics  *AuditConfiLogAnalytics   `yaml:"logAnalytics"`
}

// AuditConfigResourceGraph is the "resourceGraph" section: an enabled switch
// plus a set of named queries, each with its own validation rules.
type AuditConfigResourceGraph struct {
	Enabled bool                                        `yaml:"enabled"`
	Queries map[string]*validator.AuditConfigValidation `yaml:"queries"`
}

// AuditConfiLogAnalytics is the "logAnalytics" section and has the same shape
// as AuditConfigResourceGraph.
//
// The type name lacks the "g" of "Config"; it is exported, so the spelling is
// kept to avoid breaking references elsewhere.
type AuditConfiLogAnalytics struct {
	Enabled bool                                        `yaml:"enabled"`
	Queries map[string]*validator.AuditConfigValidation `yaml:"queries"`
}
// ParseConfig resets auditor.config and then loads every file in configPaths,
// in the order given, unmarshalling each one into the same AuditConfig value.
// A read or YAML error is passed to auditor.Logger.Panic; nothing is returned
// to the caller.
//
// NOTE(review): yaml.Unmarshal does not reject keys that match no struct
// field, so a misspelled section name is accepted without error and that
// section presumably stays unset. For an audit ruleset this can hide a check
// that was meant to be active; consider a yaml.Decoder with KnownFields(true)
// if existing configuration files can tolerate strict parsing.
func (auditor *AzureAuditor) ParseConfig(configPaths ...string) {
	// Start from an empty configuration so earlier state is discarded.
	auditor.config = AuditConfig{}

	var latest []byte
	for _, path := range configPaths {
		auditor.Logger.Infof("reading configuration from file %v", path)

		// #nosec G304 -- path is a caller-supplied config location; assumed operator-controlled (confirm at call sites)
		contents, readErr := os.ReadFile(path)
		if readErr != nil {
			auditor.Logger.Panic(readErr)
		} else {
			latest = contents
		}

		auditor.Logger.With(zap.String("path", path)).Info("parsing configuration")

		// Decoding into the already-populated struct layers this file on top
		// of whatever the previous files set.
		parseErr := yaml.Unmarshal(latest, &auditor.config)
		if parseErr != nil {
			auditor.Logger.Panic(parseErr)
		}
	}
}
// IsEnabled reports whether the resource graph section is present, switched
// on, and defines at least one query. It is safe to call on a nil receiver,
// which covers a section that was omitted from the configuration.
func (config *AuditConfigResourceGraph) IsEnabled() bool {
	if config == nil || !config.Enabled {
		return false
	}
	return len(config.Queries) > 0
}
// IsEnabled reports whether the log analytics section is present, switched
// on, and defines at least one query. It is safe to call on a nil receiver,
// which covers a section that was omitted from the configuration.
func (config *AuditConfiLogAnalytics) IsEnabled() bool {
	if config == nil || !config.Enabled {
		return false
	}
	return len(config.Queries) > 0
}