Merge pull request #797 from stacklok/guidance
Add guidance to rule types
JAORMX authored Aug 30, 2023
2 parents 06a1729 + c0a5e3d commit 8f40322
Showing 11 changed files with 946 additions and 879 deletions.
1 change: 1 addition & 0 deletions database/migrations/000001_init.up.sql
Expand Up @@ -167,6 +167,7 @@ CREATE TABLE rule_type (
provider TEXT NOT NULL,
group_id INTEGER NOT NULL REFERENCES groups(id) ON DELETE CASCADE,
description TEXT NOT NULL,
guidance TEXT NOT NULL,
definition JSONB NOT NULL,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
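Review bot: The `guidance TEXT NOT NULL` column is added by editing the initial migration `000001_init.up.sql` in place, so a database that has already applied migration 000001 will not receive it, and the updated `INSERT INTO rule_type` would then fail on the missing column. If any deployed or developer database exists at this point, the column belongs in a new numbered migration instead, for example `ALTER TABLE rule_type ADD COLUMN guidance TEXT NOT NULL DEFAULT '';`, with a matching down migration. The column is also unbounded text that the same commit fills from a client request (`in.GetGuidance()` in handlers_policy.go), so a length `CHECK` here or a limit in the handler is worth adding. The `CREATE TABLE` statement starts and ends outside the hunk.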
3 changes: 2 additions & 1 deletion database/query/rule_types.sql
Expand Up @@ -4,7 +4,8 @@ INSERT INTO rule_type (
provider,
group_id,
description,
definition) VALUES ($1, $2, $3, $4, sqlc.arg(definition)::jsonb) RETURNING *;
guidance,
definition) VALUES ($1, $2, $3, $4, $5, sqlc.arg(definition)::jsonb) RETURNING *;

-- name: ListRuleTypesByProviderAndGroup :many
SELECT * FROM rule_type WHERE provider = $1 AND group_id = $2;
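Review bot: The new value is bound positionally as `$5` in the middle of the list, while `definition` on the same line is bound by name with `sqlc.arg(definition)`. Inserting a column mid-list means every placeholder has to be re-counted against the column list, whose first entry is outside the hunk. Binding the new value by name as well, `sqlc.arg(guidance)` in place of `$5`, would remove that dependency on counting, provided the sqlc version in use accepts the mix as it already does for `definition`.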
2 changes: 2 additions & 0 deletions docs/docs/protodocs/proto.md


7 changes: 7 additions & 0 deletions examples/github/rule-types/secret_scanning.yaml
Expand Up @@ -6,6 +6,13 @@ context:
provider: github
group: Root Group
description: Verifies that secret scanning is enabled for a given repository.
guidance: |
Secret scanning is a feature that scans repositories for secrets and alerts
the repository owner when a secret is found. To enable this feature in github,
you must enable it in the repository settings. See the GitHub documentation
for more information. [1]
[1] https://docs.github.com/en/github/administering-a-repository/about-secret-scanning
def:
# Defines the section of the pipeline the rule will appear in.
# This will affect the template that is used to render multiple parts
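Review bot: The `guidance` text is what a user receives when this rule fails or errors (handlers_policy.go in the same commit returns it for those statuses), but the remediation step is only "enable it in the repository settings". It would be more actionable if it named the settings section that holds the secret scanning toggle and stated any plan or visibility prerequisites. The product name should be capitalised as `GitHub` in "in github". The reference URL uses the `/en/github/administering-a-repository/` path, which looks like an older docs layout, so it is worth confirming that it still resolves to the intended page.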
1 change: 1 addition & 0 deletions internal/engine/rule_types.go
Expand Up @@ -270,6 +270,7 @@ func RuleTypePBFromDB(rt *db.RuleType, ectx *EntityContext) (*pb.RuleType, error
Group: &gname,
},
Description: rt.Description,
Guidance: rt.Guidance,
Def: def,
}, nil
}
12 changes: 12 additions & 0 deletions pkg/controlplane/handlers_policy.go
Expand Up @@ -408,6 +408,16 @@ func (s *Server) GetPolicyStatusById(ctx context.Context,

rulestats = make([]*pb.RuleEvaluationStatus, 0, len(dbrulestat))
for _, rs := range dbrulestat {
var guidance string
if rs.EvalStatus == db.EvalStatusTypesFailure || rs.EvalStatus == db.EvalStatusTypesError {
ruleTypeInfo, err := s.store.GetRuleTypeByID(ctx, rs.RuleTypeID)
if err != nil {
log.Printf("error getting rule type info: %v", err)
} else {
guidance = ruleTypeInfo.Guidance
}
}

st := &pb.RuleEvaluationStatus{
PolicyId: in.PolicyId,
RuleId: rs.RuleTypeID,
Expand All @@ -421,6 +431,7 @@ func (s *Server) GetPolicyStatusById(ctx context.Context,
"repo_owner": rs.RepoOwner,
"provider": rs.Provider,
},
Guidance: guidance,
LastUpdated: timestamppb.New(rs.LastUpdated),
}

Expand Down Expand Up @@ -603,6 +614,7 @@ func (s *Server) CreateRuleType(ctx context.Context, crt *pb.CreateRuleTypeReque
GroupID: entityCtx.GetGroup().GetID(),
Description: in.GetDescription(),
Definition: def,
Guidance: in.GetGuidance(),
})
if err != nil {
return nil, status.Errorf(codes.Unknown, "failed to create rule type: %s", err)
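Review bot: In the first hunk, `s.store.GetRuleTypeByID` is called inside the `for _, rs := range dbrulestat` loop for every failing or errored row, so a policy with many failing repositories issues one query per row and repeats it for rows that share a `RuleTypeID`. Caching the guidance per rule type for the duration of the request bounds this to one lookup per distinct rule type. The error branch also logs without the rule type ID and returns an empty `Guidance`, so the caller cannot distinguish "no guidance" from "lookup failed"; including the ID in the log line would help. In the third hunk, `in.GetGuidance()` is stored as received, and since it is later echoed to other callers of this endpoint, a length limit is worth adding unless validation happens outside the hunk. `GetPolicyStatusById` begins and ends outside the visible hunks.
```go
// before the loop; the key type must match rs.RuleTypeID (int32 assumed here — confirm)
guidanceByRuleType := make(map[int32]string)
for _, rs := range dbrulestat {
	var guidance string
	if rs.EvalStatus == db.EvalStatusTypesFailure || rs.EvalStatus == db.EvalStatusTypesError {
		cached, ok := guidanceByRuleType[rs.RuleTypeID]
		if !ok {
			ruleTypeInfo, err := s.store.GetRuleTypeByID(ctx, rs.RuleTypeID)
			if err != nil {
				log.Printf("error getting rule type info for rule type %v: %v", rs.RuleTypeID, err)
			} else {
				cached = ruleTypeInfo.Guidance
			}
			// Remember the result, including a failed lookup, so it is not retried per row.
			guidanceByRuleType[rs.RuleTypeID] = cached
		}
		guidance = cached
	}
	// … unchanged: construction of pb.RuleEvaluationStatus with Guidance: guidance …
```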
1 change: 1 addition & 0 deletions pkg/db/models.go


15 changes: 11 additions & 4 deletions pkg/db/rule_types.sql.go


8 changes: 8 additions & 0 deletions pkg/generated/openapi/mediator/v1/mediator.swagger.json

