8000 feat(misconf): add misconfiguration location to junit template · Issue #8790 · aquasecurity/trivy · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

feat(misconf): add misconfiguration location to junit template #8790

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nikpivkin opened this issue Apr 29, 2025 · 2 comments · Fixed by #8793
Closed

feat(misconf): add misconfiguration location to junit template #8790

nikpivkin opened this issue Apr 29, 2025 · 2 comments · Fixed by #8793
Assignees
@nikpivkin
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone
v0.63.0

Comments

@nikpivkin
Copy link
Contributor

The JUnit report only includes misconfiguration messages, which makes it difficult to identify the source of the issue:

...
    <testsuite tests="9" failures="9" name="main.tf" errors="0" time="">
        <properties>
            <property name="type" value="terraform"></property>
        </properties>
        <testcase classname="Terraform Security Check" name="[HIGH] AVD-AWS-0086" time="">
            <failure message="S3 Access block should block public ACL" type="description">S3 buckets should block public ACLs on buckets and any objects they contain. By blocking, PUTs with fail if the object has any public ACL a.&#xA;</failure>
        </testcase>
        <testcase classname="Terraform Security Check" name="[HIGH] AVD-AWS-0087" time="">
            <failure message="S3 Access block should block public policy" type="description">S3 bucket policy should have block public policy to prevent users from putting a policy that enable public access.&#xA;</failure>
        </testcase>
...

We need to add the location to the template.

Discussed in #8773
@nikpivkin nikpivkin added kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning labels Apr 29, 2025
@nikpivkin nikpivkin self-assigned this Apr 29, 2025
@nikpivkin nikpivkin mentioned this issue Apr 29, 2025
Merged
6 tasks
@nikpivkin
Copy link
Contributor Author

@simar7 Should we add a code snippet like we did for tfsec? I think we should add information from the Occurrences field so that the user can find the misconfigured resource of their modules by call chain, otherwise it is impossible to do. What do you think?

Image

@simar7
Copy link
Member
simar7 commented May 1, 2025

@simar7 Should we add a code snippet like we did for tfsec? I think we should add information from the Occurrences field so that the user can find the misconfigured resource of their modules by call chain, otherwise it is impossible to do. What do you think?

Image

Hmm - we could but only if it's straightforward to do so lets do it - If not maybe let's keep what we already had with tfsec.

@simar7 simar7 added this to the v0.63.0 milestone May 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikpivkin nikpivkin

Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Trivy Roadmap
Status: No status
Milestone
v0.63.0
Development

Successfully merging a pull request may close this issue.

feat(misconf): add misconfiguration location to junit template nikpivkin/trivy
2 participants
@simar7 @nikpivkin
0