kube-bench/internal/findings/publisher.go

package findings

import (
	"context"

	"github.com/aws/aws-sdk-go-v2/service/securityhub"
	"github.com/aws/aws-sdk-go-v2/service/securityhub/types"
	"github.com/pkg/errors"
)

// A Publisher represents an object that publishes finds to AWS Security Hub.
type Publisher struct {
	client securityhub.Client // AWS Security Hub Service Client
}

// A PublisherOutput represents an object that contains information about the service call.
type PublisherOutput struct {
	// The number of findings that failed to import.
	//
	// FailedCount is a required field
	FailedCount int32

	// The list of findings that failed to import.
	FailedFindings []types.ImportFindingsError

	// The number of findings that were successfully imported.
	//
	// SuccessCount is a required field
	SuccessCount int32
}

// New creates a new Publisher.
func New(client securityhub.Client) *Publisher {
	return &Publisher{
		client: client,
	}
}

// PublishFinding publishes findings to AWS Security Hub Service
func (p *Publisher) PublishFinding(finding []types.AwsSecurityFinding) (*PublisherOutput, error) {
	o := PublisherOutput{}
	i := securityhub.BatchImportFindingsInput{}
	i.Findings = finding
	var errs error

	// Split the slice into batches of 100 finding.
	batch := 100

	for i := 0; i < len(finding); i += batch {
		i := securityhub.BatchImportFindingsInput{}
		i.Findings = finding
		r, err := p.client.BatchImportFindings(context.Background(), &i) // Process the batch.
		if err != nil {
			errs = errors.Wrap(err, "finding publish failed")
		}
		if r != nil {
			if r.FailedCount != 0 {
				o.FailedCount += r.FailedCount
			}
			if r.SuccessCount != 0 {
				o.SuccessCount += r.SuccessCount
			}
			o.FailedFindings = append(o.FailedFindings, r.FailedFindings...)
		}
	}
	return &o, errs
}
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`package findings`

			`import (`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`"context"`

			`"github.com/aws/aws-sdk-go-v2/service/securityhub"`
			`"github.com/aws/aws-sdk-go-v2/service/securityhub/types"`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`"github.com/pkg/errors"`
			`)`

			`// A Publisher represents an object that publishes finds to AWS Security Hub.`
			`type Publisher struct {`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`client securityhub.Client // AWS Security Hub Service Client`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`}`

			`// A PublisherOutput represents an object that contains information about the service call.`
			`type PublisherOutput struct {`
			`// The number of findings that failed to import.`
			`//`
			`// FailedCount is a required field`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`FailedCount int32`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00
			`// The list of findings that failed to import.`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`FailedFindings []types.ImportFindingsError`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00
			`// The number of findings that were successfully imported.`
			`//`
			`// SuccessCount is a required field`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`SuccessCount int32`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`}`

			`// New creates a new Publisher.`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`func New(client securityhub.Client) *Publisher {`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`return &Publisher{`
			`client: client,`
			`}`
			`}`

			`// PublishFinding publishes findings to AWS Security Hub Service`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`func (p Publisher) PublishFinding(finding []types.AwsSecurityFinding) (PublisherOutput, error) {`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`o := PublisherOutput{}`
			`i := securityhub.BatchImportFindingsInput{}`
			`i.Findings = finding`
			`var errs error`

			`// Split the slice into batches of 100 finding.`
			`batch := 100`

			`for i := 0; i < len(finding); i += batch {`
			`i := securityhub.BatchImportFindingsInput{}`
			`i.Findings = finding`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`r, err := p.client.BatchImportFindings(context.Background(), &i) // Process the batch.`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`if err != nil {`
			`errs = errors.Wrap(err, "finding publish failed")`
			`}`
Migrate to aws-sdk-go-v2 (#1268) * Migrate to aws-sdk-go-v2 * Update dependencies Minimum go version increased due to k8s.io/client-go 2022-10-03 05:52:06 +00:00			`if r != nil {`
			`if r.FailedCount != 0 {`
			`o.FailedCount += r.FailedCount`
			`}`
			`if r.SuccessCount != 0 {`
			`o.SuccessCount += r.SuccessCount`
			`}`
			`o.FailedFindings = append(o.FailedFindings, r.FailedFindings...)`
Aws asff (#770) * add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> 2020-11-23 19:43:53 +00:00			`}`
			`}`
			`return &o, errs`
			`}`