arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-26 09:58:14 +00:00
Code Issues Releases Wiki Activity

Do not print remediation messages not on --status

Browse Source
This commit is contained in:
Manuel Tiago Pereira 2021-11-05 09:01:20 +00:00
parent 0c1c5aa2e0
commit 5ed6c78c81
No known key found for this signature in database
GPG Key ID: 0F7AEBEEEEB5DC0C
2 changed files with 27 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cmd/common.go
View File

@ -205,24 +205,29 @@ func prettyPrint(r *check.Controls, summary check.Summary) {
// Print remediations. // Print remediations.
if !noRemediations { if !noRemediations {
var remediationOutput strings.Builder
if summary.Fail > 0 || summary.Warn > 0 { if summary.Fail > 0 || summary.Warn > 0 {
colors[check.WARN].Printf("== Remediations %s ==\n", r.Type)
for _, g := range r.Groups { for _, g := range r.Groups {
for _, c := range g.Checks { for _, c := range g.Checks {
if c.State == check.FAIL { if c.State == check.FAIL && printStatus(check.FAIL) {
fmt.Printf("%s %s\n", c.ID, c.Remediation) remediationOutput.WriteString(fmt.Sprintf("%s %s\n", c.ID, c.Remediation))
} }
if c.State == check.WARN { if c.State == check.WARN && printStatus(check.WARN) {
// Print the error if test failed due to problem with the audit command // Print the error if test failed due to problem with the audit command
if c.Reason != "" && c.Type != "manual" { if c.Reason != "" && c.Type != "manual" {
fmt.Printf("%s audit test did not run: %s\n", c.ID, c.Reason) remediationOutput.WriteString(fmt.Sprintf("%s audit test did not run: %s\n", c.ID, c.Reason))
} else { } else {
fmt.Printf("%s %s\n", c.ID, c.Remediation) remediationOutput.WriteString(fmt.Sprintf("%s %s\n", c.ID, c.Remediation))
} }
} }
} }
} }
fmt.Println() output := remediationOutput.String()
if len(output) > 0 {
remediationOutput.WriteString("\n")
fmt.Printf(colors[check.WARN].Sprintf("== Remediations %s ==\n", r.Type))
fmt.Printf(remediationOutput.String())
}
} }
} }

18
cmd/common_test.go
View File

@ -756,27 +756,35 @@ func TestWriteStdoutOutputStatusList(t *testing.T) {
statusList string statusList string
notContains []string notContains []string
contains []string
} }
testCases := []testCase{ testCases := []testCase{
{ {
name: "statusList PASS", name: "statusList PASS",
statusList: "PASS", statusList: "PASS",
notContains: []string{"INFO", "WARN", "FAIL"}, notContains: []string{"INFO", "WARN", "FAIL", "== Remediations controlplane =="},
}, },
{ {
name: "statusList PASS,INFO", name: "statusList PASS,INFO",
statusList: "PASS,INFO", statusList: "PASS,INFO",
notContains: []string{"WARN", "FAIL"}, notContains: []string{"WARN", "FAIL", "== Remediations controlplane =="},
},
{
name: "statusList WARN",
statusList: "WARN",
notContains: []string{"INFO", "FAIL", "PASS"},
contains: []string{"== Remediations controlplane =="},
}, },
{ {
name: "statusList FAIL", name: "statusList FAIL",
statusList: "FAIL", statusList: "FAIL",
notContains: []string{"INFO", "WARN", "PASS"}, notContains: []string{"INFO", "WARN", "PASS", "== Remediations controlplane =="},
}, },
{ {
name: "statusList empty", name: "statusList empty",
statusList: "", statusList: "",
notContains: nil, notContains: nil,
contains: []string{"== Remediations controlplane =="},
}, },
} }
@ -801,6 +809,10 @@ func TestWriteStdoutOutputStatusList(t *testing.T) {
for _, n := range tt.notContains { for _, n := range tt.notContains {
assert.NotContains(t, string(out), n) assert.NotContains(t, string(out), n)
} }
for _, c := range tt.contains {
assert.Contains(t, string(out), c)
}
} }
} }