feat(schema): Add schema generation #32
Conversation
|
|
||
| b := newBuilder() | ||
|
|
||
| inputValue := reflect.ValueOf(state.State{}) |
There was a problem hiding this comment.
@nikpivkin state.State{} comes from defsec today and is shared across trivy-iac and trivy-aws as well. It's one of those dependencies which is hard to get away from as it's shared between all of the components.
pkg/rules/register.go
Outdated
| "github.com/aquasecurity/trivy-policies/pkg/types" | ||
| ) | ||
|
|
||
| func Register(rule scan.Rule, f scan.CheckFunc) types.RegisteredRule { |
There was a problem hiding this comment.
This function is used to register Go rules. For example, https://github.com/aquasecurity/trivy-policies/blob/main/rules/cloud/policies/aws/s3/block_public_acls.go#L11. Maybe we should make Go rules in trivy-policies public and register them with trivy-iac? Or what should we do?
There was a problem hiding this comment.
Maybe we should make Go rules in trivy-policies public and register them with trivy-iac?
Yes that's the idea. I was planning for that happen via
Line 9 in 335c783
But it seems a couple of tests are failing at the moment. Upon investigating them it seems they don't seem to be registered Go rules, so an import somewhere is missing (which would trigger the registration of Go rules).
There was a problem hiding this comment.
@simar7 When importing rules, they are saved in the rules registry, which is located in trivy-policies. Therefore, importing rules is not enough.
|
@simar7 "github.com/aquasecurity/trivy-policies/pkg/rego"
"github.com/aquasecurity/trivy-policies/pkg/rego/embed" |
* bump defsec and trivy-policies * test: use embedded FS * refactor: use embedded FS to generate documentation * chore: bump defsec and trivy-policies * refactor: use registered rules as is
No description provided.