mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-12 07:40:48 -08:00
fix(k8s): skip passed misconfigs for the summary report [backport: release/v0.61] (#8748)
Co-authored-by: afdesk <work@afdesk.com> Co-authored-by: Simar <simar@linux.com>
This commit is contained in:
Aqua Security automated builds
committed by
GitHub
GitHub
parent
9d6290b319
commit
80d120fa0f
@@ -170,6 +170,9 @@ func accumulateSeverityCounts(finding Resource) (map[string]int, map[string]int,
|
||||
vCount[rv.Severity]++
|
||||
}
|
||||
for _, rv := range r.Misconfigurations {
|
||||
if rv.Status == types.MisconfStatusPassed {
|
||||
continue
|
||||
}
|
||||
mCount[rv.Severity]++
|
||||
}
|
||||
for _, rv := range r.Secrets {
|
||||
|
||||
@@ -53,6 +53,11 @@ var (
|
||||
Status: types.MisconfStatusFailure,
|
||||
Severity: "HIGH",
|
||||
},
|
||||
{
|
||||
ID: "KSV-ID103",
|
||||
Status: types.MisconfStatusPassed,
|
||||
Severity: "HIGH",
|
||||
},
|
||||
|
||||
{
|
||||
ID: "KCV-ID100",
|
||||
@@ -265,7 +270,7 @@ func TestReportWrite_Table(t *testing.T) {
|
||||
expectedOutput string
|
||||
}{
|
||||
{
|
||||
name: "Only config, all serverities",
|
||||
name: "Only config, all severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{deployOrionWithMisconfigs},
|
||||
@@ -319,7 +324,7 @@ See https://google.com/search?q=bad%20config
|
||||
────────────────────────────────────────`,
|
||||
},
|
||||
{
|
||||
name: "Only vuln, all serverities",
|
||||
name: "Only vuln, all severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{deployOrionWithVulns},
|
||||
@@ -371,7 +376,7 @@ Total: 1 (LOW: 1)
|
||||
└─────────┴───────────────┴──────────┴─────────┴───────────────────┴───────────────┴───────────────────────────────────────────┘`,
|
||||
},
|
||||
{
|
||||
name: "Only rbac, all serverities",
|
||||
name: "Only rbac, all severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{roleWithMisconfig},
|
||||
@@ -393,7 +398,7 @@ RBAC Assessment
|
||||
Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
|
||||
},
|
||||
{
|
||||
name: "Only secret, all serverities",
|
||||
name: "Only secret, all severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{deployLuaWithSecrets},
|
||||
@@ -424,7 +429,7 @@ Infra Assessment
|
||||
Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
|
||||
},
|
||||
{
|
||||
name: "apiserver, only infra and serverities",
|
||||
name: "apiserver, only infra and severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{apiseverPodWithMisconfigAndInfra},
|
||||
@@ -455,7 +460,7 @@ Infra Assessment
|
||||
Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
|
||||
},
|
||||
{
|
||||
name: "apiserver, vuln,config,secret and serverities",
|
||||
name: "apiserver, vuln,config,secret and severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{apiseverPodWithMisconfigAndInfra},
|
||||
@@ -490,7 +495,7 @@ Infra Assessment
|
||||
Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
|
||||
},
|
||||
{
|
||||
name: "apiserver, all misconfig and vuln scanners and serverities",
|
||||
name: "apiserver, all misconfig and vuln scanners and severities",
|
||||
report: report.Report{
|
||||
ClusterName: "test",
|
||||
Resources: []report.Resource{apiseverPodWithMisconfigAndInfra},
|
||||
|
||||
Reference in New Issue
Block a user