1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-01-12 00:30:58 +00:00
kube-bench/internal/findings/publisher.go

70 lines
1.8 KiB
Go
Raw Normal View History

package findings
import (
"github.com/aws/aws-sdk-go/service/securityhub"
"github.com/aws/aws-sdk-go/service/securityhub/securityhubiface"
"github.com/pkg/errors"
)
// A Publisher represents an object that publishes finds to AWS Security Hub.
type Publisher struct {
client securityhubiface.SecurityHubAPI // AWS Security Hub Service Client
}
// A PublisherOutput represents an object that contains information about the service call.
type PublisherOutput struct {
// The number of findings that failed to import.
//
// FailedCount is a required field
FailedCount int64
// The list of findings that failed to import.
FailedFindings []*securityhub.ImportFindingsError
// The number of findings that were successfully imported.
//
// SuccessCount is a required field
SuccessCount int64
}
// New creates a new Publisher.
func New(client securityhubiface.SecurityHubAPI) *Publisher {
return &Publisher{
client: client,
}
}
// PublishFinding publishes findings to AWS Security Hub Service
func (p *Publisher) PublishFinding(finding []*securityhub.AwsSecurityFinding) (*PublisherOutput, error) {
o := PublisherOutput{}
i := securityhub.BatchImportFindingsInput{}
i.Findings = finding
var errs error
// Split the slice into batches of 100 finding.
batch := 100
for i := 0; i < len(finding); i += batch {
j := i + batch
if j > len(finding) {
j = len(finding)
}
i := securityhub.BatchImportFindingsInput{}
i.Findings = finding
r, err := p.client.BatchImportFindings(&i) // Process the batch.
if err != nil {
errs = errors.Wrap(err, "finding publish failed")
}
if r.FailedCount != nil {
o.FailedCount += *r.FailedCount
}
if r.SuccessCount != nil {
o.SuccessCount += *r.SuccessCount
}
for _, ff := range r.FailedFindings {
o.FailedFindings = append(o.FailedFindings, ff)
}
}
return &o, errs
}