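#!/usr/bin/env bash
#
# checker.sh - run Checkov over a directory and gate on the failed-check count.
#
# Usage: checker.sh [path]      (path defaults to the current directory)
#
# Writes Checkov's JSON report to <path>/fails.json, sums summary.failed and
# summary.resource_count over the report entries, prints the totals and the
# tool versions, then exits 0 only when the failed total equals $expected and
# 1 in every other case (including a missing or unreadable report).
# Uses checkov, jq, figlet and terraform from PATH.

# ANSI colour escapes; ORANGE and GREEN are not used below.
RED="\e[31m"
# shellcheck disable=SC2034
ORANGE="\e[33m"
BLUE="\e[94m"
# shellcheck disable=SC2034
GREEN="\e[92m"
STOP="\e[0m"

# Reset the terminal colour, report the problem on stderr and fail the gate.
die() {
  printf '%b' "$STOP"
  printf 'checker: %s\n' "$*" >&2
  exit 1
}

# Sum the newline-separated integers read from stdin and print the total.
# Only plain digit strings are added: anything else (for example jq's "null")
# is skipped with a warning, so report content is never handed to shell
# arithmetic as an expression.
sum_counts() {
  local value sum=0
  while IFS= read -r value; do
    [[ -n "$value" ]] || continue
    if [[ "$value" =~ ^[0-9]+$ ]]; then
      sum=$((sum + 10#$value))
    else
      printf 'checker: ignoring non-numeric count: %s\n' "$value" >&2
    fi
  done
  printf '%s\n' "$sum"
}

printf '%b' "$BLUE"
figlet -w 200 -f small "Checker"

file="fails.json"
path="${1:-.}"
report="$path/$file"
echo "Scanning path:$path"

# Remove the report from a previous run at the location this run writes to,
# so a stale file can never be mistaken for fresh results.
# NOTE(review): the report lives inside the scanned directory - confirm that
# checkov does not treat it as input on a later run.
rm -f -- "$report"

# Baseline: the gate passes only on an exact match, so both more and fewer
# failed checks than this number fail the run.
expected=3964

# Run the scan. checkov's own exit status is not used as the error signal here
# (it is expected to be non-zero when checks fail); the report is validated
# instead.
checkov -o json -d "$path" >"$report"
[[ -s "$report" ]] || die "checkov produced no report at $report"

# NOTE(review): select("check_type") tests a string literal, which is always
# truthy, so it filters nothing; select(.check_type) may have been intended -
# confirm against the report shape before changing it.
failed_counts=$(jq '.[]| select("check_type")| .summary.failed' "$report") ||
  die "could not read failed counts from $report"
resource_counts=$(jq '.[]| select("check_type")| .summary.resource_count' "$report") ||
  die "could not read resource counts from $report"

# Totals start at 0 inside sum_counts, so an empty result compares as 0
# against the baseline instead of producing an empty operand that would make
# the final test error out and let the script exit 0.
total=$(sum_counts <<<"$failed_counts")
resources=$(sum_counts <<<"$resource_counts")

printf '%b' "$RED"
figlet -w 200 -f small "Results"
echo "Found Checkov $total"
echo "Resource count: $resources"
echo "Expected: $expected and found: $total"

figlet Versions
# Left unquoted on purpose: word splitting folds terraform's multi-line
# version output onto a single line.
# shellcheck disable=SC2046,SC2005
echo $(terraform version)
echo "Checkov $(checkov -v)"
printf '%b' "$STOP"

if ((total != expected)); then
  exit 1
fi
exit 0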