Exclude JAS Scan Flag #2039

Open
wants to merge 2 commits into
base: dev

@orto17 orto17 commented Jun 25, 2023

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • All static analysis checks passed.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.

This PR contains the following:

  • A new flag for the audit command that will allow the user to force a skip on a certain Jas scan.
  • Each scan that will appear in the flag will be skipped, and analyzer manager will not be executed for this scan.
  • The user will be able to include more than one scanner to skip, for example: -exclude-scan=contextual_analysis;secrets
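
The flag format described above, as an added example that is not part of this pull request or the project's code: a Go helper that parses a `;`-separated exclude list and rejects names outside the three scans the usage text lists. `ParseExcludedScans` and `knownScans` are hypothetical names, and failing on unknown names (rather than ignoring them) is an assumption about the desired behaviour.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Scan names taken from the flag's usage text on this page.
var knownScans = []string{"contextual_analysis", "iac", "secrets"}

// ParseExcludedScans is a hypothetical helper, not the project's code.
// It splits the raw flag value on ';', trims whitespace, drops empty and
// duplicate entries, and returns an error naming every unrecognized scan,
// so a typo cannot leave the user wrongly believing a scan was skipped.
func ParseExcludedScans(raw string) ([]string, error) {
	valid := map[string]bool{}
	for _, s := range knownScans {
		valid[s] = true
	}
	seen := map[string]bool{}
	var excluded, unknown []string
	for _, part := range strings.Split(raw, ";") {
		name := strings.TrimSpace(part)
		switch {
		case name == "" || seen[name]:
			continue // skip empty segments and repeats
		case !valid[name]:
			unknown = append(unknown, name)
		default:
			excluded = append(excluded, name)
		}
		seen[name] = true
	}
	if len(unknown) > 0 {
		return nil, fmt.Errorf("unknown scan(s) in exclude list: %s", strings.Join(unknown, ", "))
	}
	sort.Strings(excluded)
	return excluded, nil
}

func main() {
	// Constructed sample inputs: valid list, messy list, typo, empty value.
	for _, raw := range []string{"contextual_analysis;secrets", " iac ;iac;", "secret;iac", ""} {
		excluded, err := ParseExcludedScans(raw)
		fmt.Printf("%q -> excluded=%v err=%v\n", raw, excluded, err)
	}
}
```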

@orto17 orto17 added the safe to test Approve running integration tests on a pull request label Jun 25, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Jun 25, 2023
@yahavi yahavi requested a review from talarian1 June 25, 2023 07:48
@@ -445,6 +445,7 @@ const (
scanAnt = scanPrefix + antFlag
xrOutput = "format"
BypassArchiveLimits = "bypass-archive-limits"
excludeJasScan = "exclude-scan"
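Review bot: the new constant `excludeJasScan` on the last line of this hunk is unexported, while `BypassArchiveLimits` directly above it is exported. Any code outside this package that needs to read the flag will have to repeat the string literal "exclude-scan", so consider exporting the constant to keep a single definition of the name of a flag that turns security scans off.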
Member

Suggested change
excludeJasScan = "exclude-scan"
ExcludeScans = "exclude-scans"

@@ -260,7 +260,8 @@ func createGenericAuditCmd(c *cli.Context) (*audit.GenericAuditCommand, error) {
SetFail(c.BoolT("fail")).
SetPrintExtendedTable(c.Bool(cliutils.ExtendedTable)).
SetMinSeverityFilter(minSeverity).
SetFixableOnly(c.Bool(cliutils.FixableOnly))
SetFixableOnly(c.Bool(cliutils.FixableOnly)).
SetExcludeJasScan(c.String("exclude-scan"))
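Review bot: `SetExcludeJasScan(c.String("exclude-scan"))` hardcodes the flag name as a string literal, whereas the calls above it read their flags through constants (`cliutils.ExtendedTable`, `cliutils.FixableOnly`); if the flag is renamed, this call would quietly read an empty value. The raw string is also passed to the setter with no validation visible in this hunk, so consider rejecting unrecognized scan names with an error before the command is built, since this option disables security scans.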
Member

Suggested change
SetExcludeJasScan(c.String("exclude-scan"))
SetExcludeJasScan(c.String(cliutils.ExcludeScans))

@@ -1354,6 +1355,10 @@ var flagsMap = map[string]cli.Flag{
Name: BypassArchiveLimits,
Usage: "[Default: false] Set to true to bypass the indexer-app archive limits.` `",
},
excludeJasScan: cli.StringFlag{
Name: excludeJasScan,
Usage: "[Default: null] Defines the jas scans that should be skipped during an audit command. Acceptable values are: contextual_analysis, secrets and iac. Note: to include more than one scan to skip, use the following format -exclude-scan=contextual_analysis;secrets` `",
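Review bot: the example in the Usage string, `-exclude-scan=contextual_analysis;secrets`, does not survive being copied into a POSIX shell. An unquoted `;` ends the command, so only `contextual_analysis` would be excluded and `secrets` would be run as a separate command. Show the value quoted in the help text, or choose a separator such as `,` that needs no quoting.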
Member

Suggested change
Usage: "[Default: null] Defines the jas scans that should be skipped during an audit command. Acceptable values are: contextual_analysis, secrets and iac. Note: to include more than one scan to skip, use the following format -exclude-scan=contextual_analysis;secrets` `",
Usage: "[Optional] List of scans to skip in the form of \"scan1;scan2;...\". Acceptable values are: 'contextual_analysis', 'secrets' and 'iac'.` `",
