Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add repo config 'exposures' to support JAS #133

Merged
merged 13 commits into from
Aug 29, 2023
Merged

Add repo config 'exposures' to support JAS #133

merged 13 commits into from
Aug 29, 2023

Conversation

alexhung
Copy link
Member

No description provided.

@alexhung alexhung requested a review from danielmkn as a code owner August 17, 2023 20:18
danielmkn
danielmkn requested changes Aug 17, 2023
View reviewed changes
Copy link
Collaborator

@danielmkn danielmkn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PLease add defaults for bools.

docs/resources/repository_config.md Outdated
Optional:

- `applications` (Boolean) Detect whether common OSS libraries and services are used securely by the application.
- `iac` (Boolean) Scans IaC files stored in Artifactory for early detection of cloud and infrastructure misconfigurations to prevent attacks and data leak. Only support by Terraform Backend package type.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

support -> supported

pkg/xray/resource_xray_repository_config.go Outdated
}

type ScannersCategory struct {
MaliciousCode bool `json:"malicious_code_scan,omitempty"`
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's better not to use omitempty with bools.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't as the API errors out if the not-applicable fields are present. The API will only accept the valid fields for the repo type. The 'better' way will be to use map[string]bool struct and dynamically add only the valid fields (vs using omitempty). This will mean we need to fetch the repo details from RT first to determine its type, then set the fields according to that.

pkg/xray/resource_xray_repository_config.go
Optional: true,
Description: "Scans IaC files stored in Artifactory for early detection of cloud and infrastructure misconfigurations to prevent attacks and data leak. Only support by Terraform Backend package type.",
},
"applications": {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we have defaults for all booleans here? And remove omitempty in the struct?

@alexhung
Update description
22ae41d
@alexhung
Upgrade terraform-provider-shared package to 1.17.0
fe40367
@alexhung
Make repository_config's scanners_category a map
001f5f0 
And fills in the fields based on package type (and Xray version)

Apply the same logic to vulnerability contextual analysis.
@alexhung
Update terraform-provider-shared to 1.18.0
bbc6ebf
danielmkn
danielmkn previously approved these changes Aug 21, 2023
View reviewed changes
MahithaB
MahithaB previously approved these changes Aug 21, 2023
View reviewed changes
@alexhung alexhung dismissed stale reviews from MahithaB and danielmkn via efb75b1 August 28, 2023 21:05
@alexhung alexhung requested review from danielmkn and MahithaB August 28, 2023 21:53
@alexhung alexhung merged commit 252d8f7 into master Aug 29, 2023
@alexhung alexhung deleted the add-exposures-to-repository-config branch August 29, 2023 23:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielmkn danielmkn danielmkn approved these changes

@mritunjaykumar mritunjaykumar Awaiting requested review from mritunjaykumar

@MahithaB MahithaB Awaiting requested review from MahithaB

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@alexhung @danielmkn @MahithaB @jfrogsolutioncicd