
Commit 5b1c5aa

kishorekgargKishore Garg
andauthored
Migrating from v1alpha to v1 and removing the iac_version (#22)
1. Migrated from v1alpha endpoints to v1 endpoints for the GA release 2. Removed the iac_version as that is not in use 3. Fixed typos --------- Co-authored-by: Kishore Garg <[email protected]>
1 parent 4c2834c commit 5b1c5aa


6 files changed

+6
-25
lines changed


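--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -94,7 +94,6 @@ jobs:
 # plan file has 1 UNSPECIFIED, 1 HIGH severity vulnerabilites
 scan_file_ref: 'tests/resources/with-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 failure_criteria: 'CRITICAL:2, Operator:OR'
 ignore_violations: 'false'
 fail_silently: 'false'
@@ -117,7 +116,6 @@ jobs:
 organization_id: '${{ env.ORGANIZATION_ID }}'
 scan_file_ref: 'tests/resources/no-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 failure_criteria: 'CRITICAL:2, Operator:OR'
 - name: 'Check scan result and report not generated.'
 run: |
@@ -136,7 +134,6 @@ jobs:
 # plan file has 1 UNSPECIFIED, 1 HIGH severity vulnerabilites
 scan_file_ref: 'tests/resources/with-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 failure_criteria: 'HIGH:1, Operator:OR'
 continue-on-error: true
 - name: 'Check scan result and action build status'
@@ -156,7 +153,6 @@ jobs:
 # plan file has 1 UNSPECIFIED, 1 HIGH severity vulnerabilites
 scan_file_ref: 'tests/resources/with-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 ignore_violations: 'true'
 failure_criteria: 'HIGH:1, Operator:OR'
 - name: 'Check scan result'
@@ -173,7 +169,6 @@ jobs:
 organization_id: 'invalid-id'
 scan_file_ref: 'tests/resources/with-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 continue-on-error: true
 - name: 'Check scan result and build status'
 run: |
@@ -191,7 +186,6 @@ jobs:
 organization_id: 'invalid-id'
 scan_file_ref: 'tests/resources/with-violations-tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 fail_silently: 'true'
 - name: Check scan result
 run: |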

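--- a/README.md
+++ b/README.md
@@ -64,7 +64,6 @@ jobs:
 organization_id: '123456789'
 scan_file_ref: './tf_plan.json'
 iac_type: 'terraform'
-iac_version: '1.0.0'
 scan_timeout: '1m'
 ignore_violations: false
 failure_criteria: 'High:1,Medium:1,Low:1,Operator:or'
@@ -93,9 +92,6 @@ jobs:
 * `iac_type`: (Required) The IaC template type. Currently only Terraform is supported.
 
 
-* `iac_version`: (Required) The IaC template version. For example: '1.6.6', or '1.6.5'.
-
-
 * `scan_time_out`: (Optional) The maximum time before the action stops. The time must be between '1m' and '10m'. The default is `1m`.
 
 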

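--- a/action.yml
+++ b/action.yml
@@ -32,10 +32,6 @@ inputs:
 description: |-
 The IaC template type. Currently only Terraform is supported.
 required: true
-iac_version:
-description: |-
-The IaC template version. For example: '1.6.6', or '1.6.5'.
-required: true
 scan_timeout:
 description: |-
 The maximum time before the action stops. The time must be between '1m' and '10m'.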

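--- a/src/commons/constants.ts
+++ b/src/commons/constants.ts
@@ -31,8 +31,7 @@ export const SARIF_REPORT_FILE_NAME = 'iac-scan-sarif.json';
 export const ORGANIZATION_ID_CONFIG_KEY = 'organization_id';
 export const SCAN_FILE_REF_CONFIG_KEY = 'scan_file_ref';
 export const IAC_TYPE_CONFIG_KEY = 'iac_type';
-export const IAC_VERSION_CONFIG_KEY = 'iac_version';
-export const IGONRE_VIOLATIONS_CONFIG_KEY = 'ignore_violations';
+export const IGNORE_VIOLATIONS_CONFIG_KEY = 'ignore_violations';
 export const FAILURE_CRITERIA_CONFIG_KEY = 'failure_criteria';
 export const FAIL_SILENTLY_CONFIG_KEY = 'fail_silently';
 export const SCAN_TIMEOUT_CONFIG_KEY = 'scan_timeout';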

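--- a/src/commons/http_config.ts
+++ b/src/commons/http_config.ts
@@ -14,7 +14,7 @@
 * limitations under the License.
 */
 
-export const VALIDATE_ENDPOINT_DOMAIN = 'https://securityposture.googleapis.com/v1alpha';
+export const VALIDATE_ENDPOINT_DOMAIN = 'https://securityposture.googleapis.com/v1';
 export const VALIDATE_ENDPOINT_PATH = (orgId: string) =>
 `/organizations/${orgId}/locations/global/reports:createIaCValidationReport`;
 export const RETRIABLE_ERROR_CODES = [408, 429, 500, 502, 503, 504];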
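Review bot: `VALIDATE_ENDPOINT_PATH` interpolates `orgId` into the request path unencoded, so the URL sent to the new v1 endpoint is shaped by whatever the `organization_id` workflow input contains. In src/main.ts, `run()` reads that input with `getInput(ORGANIZATION_ID_CONFIG_KEY, { required: true })` and no format check appears in the hunks shown; validation may exist outside the visible lines. A value containing `/`, `?` or `#` would change which resource the authenticated call addresses, which matters when a workflow derives the input from data it does not control. Consider rejecting malformed IDs before the request, e.g. `if (!/^\d+$/.test(organizationID)) throw new Error('organization_id must be numeric');`, or at minimum building the path with `encodeURIComponent(orgId)`.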

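--- a/src/main.ts
+++ b/src/main.ts
@@ -43,8 +43,7 @@ import {
 IAC_SCAN_RESULT,
 IAC_SCAN_RESULT_OUTPUT_KEY,
 IAC_TYPE_CONFIG_KEY,
-IAC_VERSION_CONFIG_KEY,
-IGONRE_VIOLATIONS_CONFIG_KEY,
+IGNORE_VIOLATIONS_CONFIG_KEY,
 MAX_SCAN_TIMEOUT,
 MIN_SCAN_TIMEOUT,
 ORGANIZATION_ID_CONFIG_KEY,
@@ -64,7 +63,6 @@ async function run(): Promise<void> {
 const organizationID = getInput(ORGANIZATION_ID_CONFIG_KEY, { required: true });
 const scanFileRef = getInput(SCAN_FILE_REF_CONFIG_KEY, { required: true });
 const iacType = getInput(IAC_TYPE_CONFIG_KEY, { required: true });
-const iacVersion = getInput(IAC_VERSION_CONFIG_KEY, { required: true });
 const scanTimeoutInput = getInput(SCAN_TIMEOUT_CONFIG_KEY);
 const scanTimeoutMs = parseDuration(scanTimeoutInput) * 1000 || DEFAULT_SCAN_TIMEOUT;
 if (
@@ -76,7 +74,7 @@ async function run(): Promise<void> {
 );
 }
 const ignoreViolations = parseBoolean(
-getInput(IGONRE_VIOLATIONS_CONFIG_KEY),
+getInput(IGNORE_VIOLATIONS_CONFIG_KEY),
 DEFAULT_IGNORE_VIOLATIONS,
 );
 const failureCriteria = validateAndParseFailureCriteria(getInput(FAILURE_CRITERIA_CONFIG_KEY));
@@ -85,9 +83,7 @@ async function run(): Promise<void> {
 throw new Error(`IAC type: ${iacType} not supported`);
 }
 const planFile: string = await fs.readFile(scanFileRef, 'utf-8');
-logInfo(
-`Successfullly read IaC file from: ${scanFileRef}, IaC type: ${iacType}, IaC version: ${iacVersion}`,
-);
+logInfo(`Successfully read IaC file from: ${scanFileRef}, IaC type: ${iacType}`);
 
 const scanStartTime = new Date().getTime();
 const accessor = new IACAccessor(
@@ -99,7 +95,7 @@ async function run(): Promise<void> {
 );
 logInfo(`Fetching violations for IaC file`);
 const violations: Violation[] = await accessor.scan(planFile);
-logDebug(`Violations fetched from IaC scan API's`);
+logDebug(`Violations fetched from IaC scan APIs`);
 
 const sarifReportGenerator: SarifReportGenerator = new SarifReportGenerator(version);
 logInfo('Processing report generation for violations fetched');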
