Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(keyExpectedValue): ansible-aws queries convert to a recommendation rather than a current status #5589

Merged
merged 1 commit into from
Jul 13, 2022
Merged

fix(keyExpectedValue): ansible-aws queries convert to a recommendation rather than a current status #5589

merged 1 commit into from
Jul 13, 2022

Conversation

liorj-orca
Copy link
Contributor

Closes #

Proposed Changes

I submit this contribution under the Apache-2.0 license.

rafaela-soares
rafaela-soares suggested changes Jul 13, 2022
View reviewed changes
Copy link
Contributor

@rafaela-soares rafaela-soares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello, @liorj-orca!

Thank you so much for another contribution!

Can you update your branch with the master, please?
I only have a minor suggestion:

assets/queries/ansible/aws/iam_password_without_uppercase_letter/query.rego
@@ -18,7 +18,7 @@ CxPolicy[result] {
"resourceName": task.name,
"searchKey": sprintf("name={{%s}}.{{%s}}.require_uppercase", [task.name, modules[m]]),
"issueType": "IncorrectValue",
"keyExpectedValue": "iam_password_policy.require_uppercase set and true",
"keyExpectedValue": "iam_password_policy.require_uppercase should be set and true",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you improve the keyActualValue of this result, please?

"keyActualValue": "iam_password_policy.require_uppercase is undefined",

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure NP

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, @liorj-orca! It should mention that is undefined because it is what the policy finds. My suggestion is to add the "is", because is missing

@rafaela-soares rafaela-soares added the community Community contribution label Jul 13, 2022
@liorj-orca liorj-orca force-pushed the fix/keyExpectedValue_ansible_aws branch from adf6035 to 13b2f51 Compare July 13, 2022 09:31
rafaela-soares
rafaela-soares approved these changes Jul 13, 2022
View reviewed changes
Copy link
Contributor

@rafaela-soares rafaela-soares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

@rafaela-soares rafaela-soares merged commit 8e7caaf into Checkmarx:master Jul 13, 2022
rafaela-soares added a commit that referenced this pull request Jul 14, 2022
@kicsbot @dependabot
@rafaela-soares @liorj-orca
update(branch): sync master to release/1.6 (#5588)
531bf8a 
* build(deps): bump github.com/aws/aws-sdk-go from 1.44.52 to 1.44.53 (#5585)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.52 to 1.44.53.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.44.52...v1.44.53)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5587)

* ci(deps): bump golang from 1.18.3-alpine to 1.18.4-alpine (#5586)

* ci(deps): bump golang from 1.18.3-alpine to 1.18.4-alpine

Bumps golang from 1.18.3-alpine to 1.18.4-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* updating git version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>

* fix(keyExpectedValue): ansible-aws queries convert to a recommendation rather than a current status (#5589)

* fix(keyExpectedValue): ansible-azure queries convert to a recommendation rather than a current status (#5590)

* fix(keyExpectedValue): AzureResourceManager queries convert to a recommendation rather than a current status

* fix(cloud provider flag): support alicloud in the cloud provider flag (#5561)

* support alicloud in the cloud provider flag

* correcting E2E

* fix(keyExpectedValue): ansible-gcp queries convert to a recommendation rather than a current status

* build(deps): bump github.com/aws/aws-sdk-go from 1.44.53 to 1.44.54 (#5595)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.53 to 1.44.54.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.44.53...v1.44.54)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump github.com/open-policy-agent/opa from 0.42.1 to 0.42.2 (#5596)

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.42.1 to 0.42.2.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.42.1...v0.42.2)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump helm.sh/helm/v3 from 3.9.0 to 3.9.1 (#5597)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.9.0...v3.9.1)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs(kicsbot): update images digest (#5598)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: rafaela-soares <rafaela.soares@checkmarx.com>
Co-authored-by: liorj-orca <96177663+liorj-orca@users.noreply.github.com>
Co-authored-by: Lior Jacobian <liorj@orca.security>
@rafaela-soares rafaela-soares added the query New query feature label Aug 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rafaela-soares rafaela-soares rafaela-soares approved these changes

Assignees
No one assigned
Labels
community Community contribution query New query feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@liorj-orca @rafaela-soares