forked from tenable/terrascan
[pull] master from accurics:master #136
Open: pull wants to merge 124 commits into sandrociceros-orquestra:master from tenable:master
* update go mod file * go 1.17 supporting changes Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
* add yaml dependency for yaml-json conversion * dep update * best effort cft file parse/load * variable name fix * remove switch case, add errors * fix panicking resource * file extension match fix * error appending, constant removal, dirScanErr use * add err nil check * attempt unsafe assertion fix * add test case for partially incorrect cft file * test cases updated * test case logic fix * change multierr library in use * optimize preparse, mv function name to cleanTemplate * update deps * update tests * panicking test fix * use hashicorp multierr * use abs file dir instead of path * move cftResource to types.go * add marshal step in tests * tests update * new fixes
* Add Security Policy, Contributing doc, Sonar Cloud Added a security.md security policy for terrascan and created a contributing.md file. I would recommend adding any coding conventions you want the open source community to follow in this document to keep code styling standard. Also added sonar-cloud in the gobuid.yml action. * Adding the sonarcloud action * Adding the security.md policy and Quality Gate badge Added the sonarcloud quality gate badge and the security.md policy. Since we have automatic analysis enabled on SonarCloud, we will not execute in the CI pipeline * Removed sonar properties file not needed * removing contributing doc Did not realize one existed already
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com> Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
* typo: Change "desitnation" to "destination" * typo: Change "desitnation" to "destination" Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
* add setCodePackage function * add support for aws::serverless::function * rm src code hash field * minor var name fix * rm unused param * revert last commit * clean function calls * minor fix
* phase 1 * download commercial policies phase 2 * phase 3 * unescape characters in json metadata * add test data * add test case for conversion * fix variable name * status code check add * add response status code * add comments for exported functions * make empty docker folder to satisfy dir structure * change to use 'environment' keyword * env keyword, %w to wrap errors * add file header * wrap errors in %w * rm tabsapce const * addressing review comments * use bytes.equal * add method for getType, constructor for newPolicy * changes: 1. save IO operations, avoid overwriting rego code file 2. wrap errors wherever required * invalid policy test cases * add table error cases structure * minor fix * docker error return nil check * no error if response code 404 Co-authored-by: Gaurav Gogia <ggogia@Gauravs-MacBook-Pro.local>
…ter branch (#1210) Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
* Update README.md updated discord link! * Update README.md Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
* adds: dir scan errors in human readable output format * adds: iac types identified information in result * code nits * remove unwanted log Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
* Use Docker buildx for multi-platform support * test docker build * test docker build * Create docker buildx context Co-authored-by: Cesar Rodriguez <cesar@accurics.com>
* Update alpine version * Updating the argocd base image
Co-authored-by: Suvarna Rokade <suvarna.rokade@accurics.com>
* Create Security.yml * Add Security Scanning workflow * update command Removing the all projects option
* file out writer implementation * fixed golint error * updated logs and doc URLs * fixed broken section anchor * fixed test cases * review changes * fixed test cases * review changes
Bumps [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) from 1.5.7 to 1.5.11. - [Release notes](https://github.com/hashicorp/go-getter/releases) - [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml) - [Commits](hashicorp/go-getter@v1.5.7...v1.5.11) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-getter dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* increasing webhook test timeout to 30 sec --------- Co-authored-by: Nitin More <nmore@tenable.com>
* fix openssl-libcrypto1.1@1.1.1u-r1 library vulnerability --------- Co-authored-by: Nitin More <nmore@tenable.com>
Co-authored-by: Suvarna Rokade <srokade@tenable.com>
* releaser fixes --------- Co-authored-by: Suvarna Rokade <srokade@tenable.com>
* update deps * update crypto and docker deps to fix vuln --------- Co-authored-by: Suvarna Rokade <srokade@tenable.com>
Co-authored-by: Suvarna Rokade <srokade@tenable.com>
* 1061: simplify Dockerfile * 1061: multi-platform build on CI, single platform locally CI auto push * 1061: qemu * 1061: MULTIPLATFORM build is not same as CI * 1061: permissions * 1061: better target name * 1061: Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: actions/checkout@v2, actions/setup-go@v1 Skipping codecov/codecov-action@v1 ... * permissions are not needed because this project publishes to dockerhub, not a GH package * permissions are not needed because this project publishes to dockerhub, not a GH package
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. - [Commits](golang/net@v0.7.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.51.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.51.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* update deployment to use cloudbees Co-authored-by: Suvarna Rokade <srokade@tenable.com>
Co-authored-by: Suvarna Rokade <srokade@tenable.com>
update app id
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8
… fail (#1656) * fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * Fix the int,float value to string in resource parameters * updated version to 1.18.10
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * Fix the int,float value to string in resource parameters * updated version to 1.18.10 * Fix e2e test due to double digit minor version
* Display line numbers for cft violations * Updating version * Update go version and fix lint * Update go version to 1.21
…and other config changes APE-16695, APE-16692, APE-16734 (#1673) * fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * APE-16518 - improve the stability of yaml to json parsing * Fixed indirect resource id reference and rds-cluster and restapi for gatewaystage * add resource references for json format * terraform resource type names added * terraform res type names added for reference * fixed lint errors for comments * tags name added as per terraform structure * lint fixes * add dynamodb BillingMode property * fixed lint error * added CrossZoneLoadBalancing for lb * load balancer lb added * fixing lint errors * APE-16777 APE-16773 fixed attribute as per normalize json * fix lint * Update ecs-service.go * Update ecs-service.go * Update ecs-service.go * sonar issue resolved * sonar issue resolved --------- Co-authored-by: pankaj rai <parai@tenable.com> Co-authored-by: prai80 <106154428+prai80@users.noreply.github.com>
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-ALPINE314-ZLIB-2976174 - https://snyk.io/vuln/SNYK-ALPINE314-OPENSSL-3314637 - https://snyk.io/vuln/SNYK-ALPINE314-OPENSSL-3314646 - https://snyk.io/vuln/SNYK-ALPINE314-OPENSSL-3314653 - https://snyk.io/vuln/SNYK-ALPINE314-OPENSSL-3368739 Co-authored-by: snyk-bot <snyk-bot@snyk.io>
…1692) * test commit * fix for goreleaser * fix static checks * add lint ignore * sonar fixes * go mmode files added * fix go get errors * removing sonar errors * removing sonar errors * fixed duplicates * fix sonar errors * go format * fix tests * fix lint errors * fix lint errors * review comments * placeholder checkin
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * fix tests * fix docker file parsing and rego after go.mod changes * Fix go-getter vulnerability
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * fix tests * fix docker file parsing and rego after go.mod changes * Fix go-getter vulnerability * fix CVE-2022-30636 crypto vulnerability * fix CVE-2022-30636 crypto vulnerability * ignore protobuf warnings * ignore protobuf warnings * remove commented lines
… go releaser (#1703) * fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * fix tests * fix docker file parsing and rego after go.mod changes * Fix go-getter vulnerability * fix CVE-2022-30636 crypto vulnerability * fix CVE-2022-30636 crypto vulnerability * ignore protobuf warnings * ignore protobuf warnings * remove commented lines * Fix protobuf warnings to be ignored in goreleaser * retrigger sonar analysis
* fix for crash in lambda function cft yaml if code key is not present * removed duplicate tag image tag * bump up the version to 1.18.5 * added feature to parse cft template for ssm parameter * bumped the version to 1.18.7 * bump up version to v1.18.8 * Sanitize the cft template file for aws:: words as it causes parser to fail * Sanitize the cft template file for aws:: words as it causes parser to fail * increment version * fix tests * fix docker file parsing and rego after go.mod changes * Fix go-getter vulnerability * fix CVE-2022-30636 crypto vulnerability * fix CVE-2022-30636 crypto vulnerability * ignore protobuf warnings * ignore protobuf warnings * remove commented lines * Fix protobuf warnings to be ignored in goreleaser * retrigger sonar analysis * bump up the version
Fix protobuf errors in binary built in terrascan
See Commits and Changes for more details.
Created by pull[bot]