-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(misconf): Remove unused options #7849
Labels
scan/misconfiguration
Issues relating to misconfiguration scanning
Milestone
Comments
simar7
added
the
scan/misconfiguration
Issues relating to misconfiguration scanning
label
Nov 1, 2024
Warnings are used in trivy-operator tests: grep -rn "warn"
./go.mod:360: gopkg.in/warnings.v0 v0.1.2 // indirect
./go.sum:1799:gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
./go.sum:1800:gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
./docs/docs/design/design_compliance_report.md:483: "status": "warn"
./docs/docs/compliance/compliance.md:3:!!! warning "EXPERIMENTAL"
./docs/getting-started/installation/upgrade.md:8:!!! warning
./docs/tutorials/writing-custom-configuration-audit-policies.md:36:Once we've got our metadata defined, we need to create the logic of the policy, which is done in the `deny` or `warn`
./pkg/policy/policy_test.go:305: name: "Should eval warn rule with invalid resource as failed check",
./pkg/policy/policy_test.go:342: warn[res] {
./pkg/policy/policy_test.go:373: name: "Should eval warn rule with valid resource as successful check",
./pkg/policy/policy_test.go:413: warn[res] {
./pkg/policy/policy_test.go:555: name: "Should eval warn rule with any resource and multiple messages",
./pkg/policy/policy_test.go:623: name: "Should eval warn role rule with built in policies",
./pkg/policy/policy_test.go:933: // varMessage is the name of Rego variable used to bind deny or warn
./pkg/policy/policy_test.go:939:// `warn` rules.
./pkg/policy/policy_test.go:947: // Messages deny or warning messages |
6 tasks
Thanks for the heads up. I think we should remove these tests. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have a few options within the misconfiguration scanner that aren't used they are as below:
combined
trivy/pkg/iac/rego/metadata.go
Line 225 in 39c8024
rego warnings
https://github.com/aquasecurity/trivy/blob/main/pkg/iac/scan/result.go#L198The text was updated successfully, but these errors were encountered: