Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(misconf): Simplify nomenclature for misconfig checks #5609

Closed
simar7 opened this issue Nov 18, 2023 · 8 comments · Fixed by aquasecurity/trivy-checks#109 or #6476
Closed

chore(misconf): Simplify nomenclature for misconfig checks #5609

simar7 opened this issue Nov 18, 2023 · 8 comments · Fixed by aquasecurity/trivy-checks#109 or #6476
Assignees
@simar7
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone
v0.51.0

Comments

@simar7
Copy link
Member

simar7 commented Nov 18, 2023

Today we have a variety of terms to refer to a check, namely:

  1. Policy
  2. Check
  3. Rule

All refer to the same concept of checking for a misconfiguration. We can simplify this and rename everything as a check.

This will require an update to both the docs and the code. This applies to both Go and Rego.
@simar7 simar7 added the scan/misconfiguration Issues relating to misconfiguration scanning label Nov 18, 2023
@itaysk
Copy link
Contributor

itaysk commented Nov 19, 2023

for reference: #3620

@knqyf263
Copy link
Collaborator

Sounds good. For example, will the policy bundle renamed to the check bundle?

@simar7
Copy link
Member Author

simar7 commented Nov 20, 2023

Sounds good. For example, will the policy bundle renamed to the check bundle?

Sounds reasonable. After all it is a bundle of checks 😄

@simar7 simar7 added the kind/feature Categorizes issue or PR as related to a new feature. label Nov 20, 2023
@itaysk
Copy link
Contributor

itaysk commented Nov 21, 2023
edited

policy is overloaded. rule is not accurate for our use case. check sounds ok to me. but i'm ok with any name we choose as long as it's consistent.

@simar7 simar7 self-assigned this Nov 21, 2023
@simar7 simar7 added this to the v0.48.0 milestone Nov 21, 2023
@simar7 simar7 mentioned this issue Nov 21, 2023
Closed
@simar7 simar7 removed this from the v0.48.0 milestone Nov 21, 2023
@knqyf263
Copy link
Collaborator

i'm ok with any name we choose as long as it's consistent.

Same here. We just need consistency.

@simar7 simar7 mentioned this issue Nov 29, 2023
Merged
@nikpivkin nikpivkin mentioned this issue Jan 10, 2024
Merged
@simar7 simar7 added this to the v0.49.0 milestone Jan 10, 2024
@simar7 simar7 modified the milestones: v0.49.0, v0.50.0 Jan 23, 2024
@simar7 simar7 mentioned this issue Feb 13, 2024
Merged
@simar7
Copy link
Member Author

simar7 commented Feb 28, 2024

Just an update on this: Most of the work is done to be able to do this restructuring, the last step being renaming the trivy-policies repo to trivy-checks.

We'll do that in the next release of Trivy as renaming a repo can have other consequences (redirection, GHCR bundle etc.) which we need to get right. So it's better to have in the next release of Trivy.

@simar7 simar7 modified the milestones: v0.50.0, v0.51.0 Feb 28, 2024
@nikpivkin
Copy link
Contributor

nikpivkin commented Feb 28, 2024
edited

@simar7 The documentation, cli flags and code still use the term policy. Will this be updated?

@simar7
Copy link
Member Author

simar7 commented Feb 29, 2024

@simar7 The documentation, cli flags and code still use the term policy. Will this be updated?

That's right. Once we have the trivy-polcies repo renamed to trivy-checks, we can start using it in Trivy and all it's parts (docs, flags, etc.)

This was referenced Apr 9, 2024
Merged
Merged
@simar7 simar7 reopened this Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Trivy Roadmap
Archived in project
Milestone
v0.51.0
4 participants
@itaysk @simar7 @knqyf263 @nikpivkin