docs: Add documentation for contributing additional checks to the trivy policies repo #6234
base: main
|
||
Now you'll need to update all of the adapters which populate the Foo provider struct. For example, if you want to support Terraform, you'll need to update `internal/adapters/terraform/foo/bar/adapt.go`. | ||
|
||
Finally, make sure you run make schema to generate the schema for your new service. |
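Review bot: in the closing "Finally, make sure you run make schema" line, the command is plain text although the adapter path in the line above it is in inline code; write it as `make schema`, and state what the generated schema is used for so a contributor who only touches the adapters does not skip the step.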
explain what, who
There's naturally some overlap between this and the other doc about custom checks. Given the difference between them is only an extra step (do you want to contribute it or keep it to yourself), it highlights the inconsistency between the otherwise similar docs. For example, this doc basically documents how to write an AWS check, but I wouldn't think to read it if I didn't want to contribute to Trivy. If it's not too much, I would refactor the content into:
1) Creating custom checks - should fully document all the guidelines related to the Rego file, testing, metadata, AWS examples etc. This can be multiple docs if needed.
2) Contributing a custom check to Trivy - refers to the other doc and explains how to take a check you wrote (not explained here) and just contribute it.
I rewrote it -- some components that are not relevant for anyone writing custom checks for their usage of Trivy are however a requirement when contributing the check back into Trivy
There is a difference between
- Writing/Contributing Rego Checks
- Writing/Contributing Custom Compliance Reports
This doc is the first.
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
…evision Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
d0fbeb9 to d9a2ee3
| custom.short_code | Any characters | Descriptive name for the check | N/A | :material-close: | :material-check: | :material-check: | | ||
| custom.subtypes | Cloud Resource Subtypes | Refer to the section on subtypes below | N/A | :material-close: | :material-check: | :material-close: | | ||
| custom.recommended_actions | Any characters | Describing what the user should do to resolve the issue | N/A | :material-close: | :material-check: | :material-check: | | ||
| custom.input.selector.type | Any item(s) in [this list][source-types] | More information provided below | N/A | :material-close: | :material-check: | :material-check: | |
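Review bot: the `custom.subtypes` and `custom.input.selector.type` rows refer to "the section on subtypes below" and "More information provided below" without linking to anything; turn both cells into anchor links to those sections, and confirm that the `[source-types]` reference used in the last row has a link definition in this file, otherwise it renders as literal brackets.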
We need to update the link to source-types
to point to here
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
3da123a to 3bbfe5f
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
3bbfe5f to c9255cd
Merge Main branch
Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
The documentation is taken from the defsec repository and rewritten:
https://github.com/aquasecurity/defsec/blob/master/CONTRIBUTING.md