Skip to content

Commit 509b038

Browse files
varunsh-codervarunsh-coder
committed
Update secureworkflow.go
1 parent 9767cd5 commit 509b038

File tree

1 file changed

+29
-4
lines changed

1 file changed

+29
-4
lines changed

remediation/workflow/secureworkflow.go

Lines changed: 29 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package workflow
22

33
import (
4+
"encoding/json"
45
"log"
56

67
"github.com/aws/aws-sdk-go/service/dynamodb/dynamodbiface"
@@ -20,7 +21,9 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
2021
pinActions, addHardenRunner, addPermissions, addProjectComment, replaceMaintainedActions := true, true, true, true, false
2122
pinnedActions, addedHardenRunner, addedPermissions, replacedMaintainedActions := false, false, false, false
2223
ignoreMissingKBs := false
23-
exemptedActions, pinToImmutable, customerMaintainedActions := []string{}, false, map[string]string{}
24+
enableLogging := false
25+
exemptedActions, pinToImmutable, maintainedActionsMap := []string{}, false, map[string]string{}
26+
2427
if len(params) > 0 {
2528
if v, ok := params[0].([]string); ok {
2629
exemptedActions = v
@@ -33,7 +36,7 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
3336
}
3437
if len(params) > 2 {
3538
if v, ok := params[2].(map[string]string); ok {
36-
customerMaintainedActions = v
39+
maintainedActionsMap = v
3740
}
3841
}
3942

@@ -57,10 +60,23 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
5760
addProjectComment = false
5861
}
5962

60-
if len(customerMaintainedActions) > 0 {
63+
if len(maintainedActionsMap) > 0 {
6164
replaceMaintainedActions = true
6265
}
6366

67+
if queryStringParams["enableLogging"] == "true" {
68+
enableLogging = true
69+
}
70+
71+
if enableLogging {
72+
// Log query parameters
73+
paramsJSON, _ := json.MarshalIndent(queryStringParams, "", " ")
74+
log.Printf("SecureWorkflow called with query parameters: %s", paramsJSON)
75+
76+
// Log input YAML (complete)
77+
log.Printf("Input YAML: %s", inputYaml)
78+
}
79+
6480
secureWorkflowReponse := &permissions.SecureWorkflowReponse{FinalOutput: inputYaml, OriginalInput: inputYaml}
6581
var err error
6682
if addPermissions {
@@ -105,7 +121,7 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
105121
}
106122

107123
if replaceMaintainedActions {
108-
secureWorkflowReponse.FinalOutput, replacedMaintainedActions, err = maintainedactions.ReplaceActions(secureWorkflowReponse.FinalOutput, customerMaintainedActions)
124+
secureWorkflowReponse.FinalOutput, replacedMaintainedActions, err = maintainedactions.ReplaceActions(secureWorkflowReponse.FinalOutput, maintainedActionsMap)
109125
if err != nil {
110126
secureWorkflowReponse.HasErrors = true
111127
}
@@ -147,5 +163,14 @@ func SecureWorkflow(queryStringParams map[string]string, inputYaml string, svc d
147163
secureWorkflowReponse.AddedHardenRunner = addedHardenRunner
148164
secureWorkflowReponse.AddedPermissions = addedPermissions
149165
secureWorkflowReponse.AddedMaintainedActions = replacedMaintainedActions
166+
167+
if enableLogging {
168+
log.Printf("SecureWorkflow complete - PinnedActions: %v, AddedHardenRunner: %v, AddedPermissions: %v, HasErrors: %v",
169+
secureWorkflowReponse.PinnedActions,
170+
secureWorkflowReponse.AddedHardenRunner,
171+
secureWorkflowReponse.AddedPermissions,
172+
secureWorkflowReponse.HasErrors)
173+
}
174+
150175
return secureWorkflowReponse, nil
151176
}

0 commit comments

Comments
 (0)