1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-22 16:18:07 +00:00

Do not exit on command exit, print error message to stderr and continue.

This commit is contained in:
Abubakr-Sadik Nii Nai Davis 2017-07-05 12:56:01 +00:00
parent b1a76360e7
commit dbbafd54a5
2 changed files with 22 additions and 9 deletions

View File

@ -63,7 +63,7 @@ type Check struct {
// Run executes the audit commands specified in a check and outputs // Run executes the audit commands specified in a check and outputs
// the results. // the results.
func (c *Check) Run() { func (c *Check) Run() {
var out, serr bytes.Buffer var out bytes.Buffer
// Check if command exists or exit with WARN. // Check if command exists or exit with WARN.
for _, cmd := range c.Commands { for _, cmd := range c.Commands {
@ -88,7 +88,7 @@ func (c *Check) Run() {
cs := c.Commands cs := c.Commands
// Initialize command pipeline // Initialize command pipeline
cs[0].Stderr = &serr cs[0].Stderr = os.Stderr
cs[n-1].Stdout = &out cs[n-1].Stdout = &out
i := 1 i := 1
@ -96,25 +96,30 @@ func (c *Check) Run() {
for i < n { for i < n {
cs[i-1].Stdout, err = cs[i].StdinPipe() cs[i-1].Stdout, err = cs[i].StdinPipe()
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", cs[i].Path, err) fmt.Fprintf(os.Stderr, "%s: %s\n", cs[i].Args, err)
os.Exit(1)
} }
cs[i].Stderr = &serr cs[i].Stderr = os.Stderr
i++ i++
} }
// Start command pipeline // Start command pipeline
i = 0 i = 0
for i < n { for i < n {
cs[i].Start() err := cs[i].Start()
if err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", cs[i].Args, err)
}
i++ i++
} }
// Complete command pipeline // Complete command pipeline
i = 0 i = 0
for i < n { for i < n {
cs[i].Wait() err := cs[i].Wait()
if err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", cs[i].Args, err)
}
if i < n-1 { if i < n-1 {
cs[i].Stdout.(io.Closer).Close() cs[i].Stdout.(io.Closer).Close()

View File

@ -238,7 +238,11 @@ func verifyBin(binPath []string) []string {
// Run ps command // Run ps command
cmd := exec.Command("ps", "-C", binList, "-o", "cmd", "--no-headers") cmd := exec.Command("ps", "-C", binList, "-o", "cmd", "--no-headers")
out, _ := cmd.Output() cmd.Stderr = os.Stderr
out, err := cmd.Output()
if err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", cmd.Args, err)
}
// Actual verification // Actual verification
for _, b := range binPath { for _, b := range binPath {
@ -266,7 +270,11 @@ func verifyKubeVersion(binPath []string) []string {
// Check version // Check version
cmd := exec.Command(b, "--version") cmd := exec.Command(b, "--version")
out, _ := cmd.Output() cmd.Stderr = os.Stderr
out, err := cmd.Output()
if err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", cmd.Args, err)
}
matched := strings.Contains(string(out), kubeVersion) matched := strings.Contains(string(out), kubeVersion)
if !matched { if !matched {