Skip to content
Snippets Groups Projects
Commit de35bb3f authored by nenad.petrovic@xlab.si's avatar nenad.petrovic@xlab.si Committed by Mati(ja)c Cankar
Browse files

Fixed visualization for various tools and added INFO outcome for cloc tool

parent 2f5083bd
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/iac_scan_runner/compatibility.py
+ 15
11
View file @ de35bb3f
...@@ -4,16 +4,16 @@ from typing import List ...@@ -4,16 +4,16 @@ from typing import List
class Compatibility: class Compatibility:
# TODO: This matrix should be revised and extended, it is just a proof of concept here as for now # TODO: This matrix should be revised and extended, it is just a proof of concept here as for now
compatibility_matrix = { compatibility_matrix = {
"terraform": ["tfsec", "tflint", "terrascan", "git-leaks", "git-secrets"], "terraform": ["tfsec", "tflint", "terrascan", "git-leaks", "git-secrets", "cloc"],
"yaml": ["git-leaks", "yamllint", "git-secrets", "ansible-lint", "steampunk-scanner"], "yaml": ["git-leaks", "yamllint", "git-secrets", "ansible-lint", "steampunk-scanner", "cloc"],
"shell": ["shellcheck", "git-leaks", "git-secrets"], "shell": ["shellcheck", "git-leaks", "git-secrets", "cloc"],
"python": ["pylint", "bandit", "pyup-safety"], "python": ["pylint", "bandit", "pyup-safety", "cloc"],
#"ansible": ["ansible-lint", "steampunk-scanner"], "java": ["checkstyle", "cloc"],
"java": ["checkstyle"], "js": ["es-lint", "ts-lint", "cloc"],
"js": ["es-lint", "ts-lint"], "html": ["htmlhint", "cloc"],
"html": ["htmlhint"], "docker": ["hadolint", "cloc"],
"docker": ["hadolint"], "common": ["git-leaks", "git-secrets", "cloc"],
"other": ["git-leaks", "git-secrets"], "other": []
} }
def __init__(self): def __init__(self):
...@@ -48,12 +48,13 @@ class Compatibility: ...@@ -48,12 +48,13 @@ class Compatibility:
scanned_js = [] scanned_js = []
scanned_docker = [] scanned_docker = []
scanned_other = [] scanned_other = []
scanned_all = []
# TODO: List of supported file types should be extended # TODO: List of supported file types should be extended
# TODO: Remove hardcoded check names # TODO: Remove hardcoded check names
try: try:
for root, folders, names in os.walk(iac_directory): for root, folders, names in os.walk(iac_directory):
for f in names: for f in names:
scanned_all.append(f)
if (f.find(".tf") > -1) or (f.find(".tftpl") > -1): if (f.find(".tf") > -1) or (f.find(".tftpl") > -1):
types.append("terraform") types.append("terraform")
scanned_terraform.append(f) scanned_terraform.append(f)
...@@ -90,6 +91,8 @@ class Compatibility: ...@@ -90,6 +91,8 @@ class Compatibility:
types.append("other") types.append("other")
scanned_other.append(f) scanned_other.append(f)
types.append("common")
self.scanned_files["terraform"] = str(scanned_terraform) self.scanned_files["terraform"] = str(scanned_terraform)
self.scanned_files["python"] = str(scanned_py) self.scanned_files["python"] = str(scanned_py)
self.scanned_files["shell"] = str(scanned_shell) self.scanned_files["shell"] = str(scanned_shell)
...@@ -99,6 +102,7 @@ class Compatibility: ...@@ -99,6 +102,7 @@ class Compatibility:
self.scanned_files["js"] = str(scanned_js) self.scanned_files["js"] = str(scanned_js)
self.scanned_files["docker"] = str(scanned_docker) self.scanned_files["docker"] = str(scanned_docker)
self.scanned_files["other"] = str(scanned_other) self.scanned_files["other"] = str(scanned_other)
self.scanned_files["common"] = str(scanned_all)
types = set(types) types = set(types)
......
src/iac_scan_runner/results_summary.py
+ 23
0
View file @ de35bb3f
...@@ -63,6 +63,14 @@ class ResultsSummary: ...@@ -63,6 +63,14 @@ class ResultsSummary:
self.outcomes[check]["status"] = "Problems" self.outcomes[check]["status"] = "Problems"
return "Problems" return "Problems"
elif check == "git-secrets":
if outcome=="":
self.outcomes[check]["status"] = "Passed"
return "Passed"
else:
self.outcomes[check]["status"] = "Problems"
return "Problems"
elif check == "terrascan": elif check == "terrascan":
if outcome == "": if outcome == "":
self.outcomes[check]["status"] = "Passed" self.outcomes[check]["status"] = "Passed"
...@@ -159,6 +167,10 @@ class ResultsSummary: ...@@ -159,6 +167,10 @@ class ResultsSummary:
self.outcomes[check]["status"] = "Problems" self.outcomes[check]["status"] = "Problems"
return "Problems" return "Problems"
elif check == "cloc":
self.outcomes[check]["status"] = "Info"
return "Info"
elif check == "ansible-lint": elif check == "ansible-lint":
if outcome=="": if outcome=="":
self.outcomes[check]["status"] = "Passed" self.outcomes[check]["status"] = "Passed"
...@@ -236,6 +248,17 @@ class ResultsSummary: ...@@ -236,6 +248,17 @@ class ResultsSummary:
html_page = html_page + "<td>" + self.outcomes[scan]["log"] + "</td>" html_page = html_page + "<td>" + self.outcomes[scan]["log"] + "</td>"
html_page = html_page + "</tr>" html_page = html_page + "</tr>"
for scan in self.outcomes:
if self.outcomes[scan]["status"] == "Info":
html_page = html_page + "<tr>"
html_page = html_page + "<td>" + scan + "</td>"
html_page = html_page + "<td bgcolor='yellow'>" + str(self.outcomes[scan]["status"]) + "</td>"
html_page = html_page + "<td>" + self.outcomes[scan]["files"] + "</td>"
html_page = html_page + "<td>" + self.outcomes[scan]["log"] + "</td>"
html_page = html_page + "</tr>"
for scan in self.outcomes: for scan in self.outcomes:
if self.outcomes[scan]["status"] == "No files": if self.outcomes[scan]["status"] == "No files":
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment