Skip to content

Commit

Permalink
initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
simar7 committed Sep 15, 2023
0 parents commit e84aac3
Show file tree
Hide file tree
Showing 81 changed files with 9,129 additions and 0 deletions.
28 changes: 28 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
---
name: Bug report
about: Create a report to help us improve
title: 'bug: '
labels: ["bug", "needs-triage"]
assignees: ''
---
**Describe the bug**
<!-- A clear and concise description of what the bug is. -->
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
<!-- A clear and concise description of what you expected to happen. -->
**Output of your tfsec command with --debug flag**
<!-- If applicable, add screenshots/output to help explain your problem. Remove sensitive info first! -->
**System Info**
<!-- complete the following -->
- tfsec version: `?`
- terraform version: `?`
- OS: `?`
**Example Code**
<!-- a minimal terraform example which will help us reproduce the issue (remove anything sensitive first!) -->
**Additional context**
<!-- Add any other context about the problem here. -->
26 changes: 26 additions & 0 deletions .github/ISSUE_TEMPLATE/check-template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
---
name: Check Template
about: Describe this issue template's purpose here.
title: 'check: '
labels: new check
assignees: ''

---

**Provider**
<!-- Specify the provider. eg; aws -->

**Severity**
<!-- Specify the severity of the issue -->

**Short Code**
<!-- Provide a terse code for the check -->

**Description**
<!-- Provide a description of the check -->

**Explanation**
<!-- Provide a longer explanation for the issue -->

**Link**
<!-- Add a link to the providers documentation -->
15 changes: 15 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
# Maintain dependencies for go-modules
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "weekly"
ignore:
- dependency-name: "github.com/zclconf/go-cty"
versions: ["1.x"]
12 changes: 12 additions & 0 deletions .github/workflows/bypass-cla.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# This workflow is used to bypass the required status checks in merge queue.
# cf. https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/troubleshooting-required-status-checks
name: CLA
on:
merge_group:

jobs:
cla:
name: license/cla
runs-on: ubuntu-latest
steps:
- run: 'echo "No test required"'
32 changes: 32 additions & 0 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: golangci-lint

on:
push:
tags:
- v*
branches:
- master
- main
pull_request:
merge_group:

permissions:
contents: read
pull-requests: read

jobs:
golangci:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version-file: go.mod
cache: true
cache-dependency-path: go.sum
- uses: golangci/golangci-lint-action@v3
with:
version: v1.48
skip-cache: true
args: --timeout 10m --verbose
27 changes: 27 additions & 0 deletions .github/workflows/stale.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
name: 'Close stale issues and PRs'

on:
schedule:
- cron: '0 15 * * *'

permissions:
issues: write
pull-requests: write

jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v4
with:
stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.'
stale-pr-message: 'This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 10 days.'
close-issue-message: 'This issue was closed because it has been stalled for 7 days with no activity.'
close-pr-message: 'This PR was closed because it has been stalled for 7 days with no activity.'
days-before-issue-stale: 30
days-before-pr-stale: 30
days-before-issue-close: 365
days-before-pr-close: 365
stale-issue-label: stale
stale-pr-label: stale

39 changes: 39 additions & 0 deletions .github/workflows/test-go.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
name: test go

on:
pull_request:
merge_group:
schedule:
- cron: 0 23 * * *

jobs:
build:
name: building defsec
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ macos-latest, windows-latest, ubuntu-latest ]

steps:
- uses: actions/checkout@v3

- uses: actions/setup-go@v3
if: matrix.os != 'windows-latest'
with:
go-version-file: go.mod
cache: true
cache-dependency-path: go.sum
- uses: actions/setup-go@v3
if: matrix.os == 'windows-latest'
with:
go-version-file: go.mod
cache: false

- name: Run non-localstack tests
if: matrix.os != 'ubuntu-latest'
run: make test-no-localstack
shell: bash
- name: Run full tests
if: matrix.os == 'ubuntu-latest'
run: make test
shell: bash
12 changes: 12 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Test binary, built with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Dependency directories (remove the comment below to include it)
vendor/
.idea/
*.iml
.vscode/
.DS_Store
37 changes: 37 additions & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
linters:
disable-all: true
enable:
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- unused
- bodyclose
- cyclop
- durationcheck
- errname
- errorlint
- exportloopref
- goimports
- gocritic
- gosec

linters-settings:
cyclop:
max-complexity: 18
gocritic:
disabled-checks:
- singleCaseSwitch
staticcheck:
checks:
- all
- '-SA1019' # TODO

issues:
exclude-rules:
- path: "."
linters:
- typecheck


6 changes: 6 additions & 0 deletions CODE_OF_CONDUCT.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# Code of Conduct

Aqua Security open source projects follow the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md).

Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to a project maintainer.

21 changes: 21 additions & 0 deletions LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
MIT License

Copyright (c) 2021 Aqua Security

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
17 changes: 17 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
.PHONY: test
test:
go test -race ./...

.PHONY: test-no-localstack
test-no-localstack:
go test $$(go list ./... | grep -v internal/adapters/cloud/aws | awk -F'github.com/aquasecurity/defsec/' '{print "./"$$2}')

.PHONY: quality
quality:
which golangci-lint || go install github.com/golangci/golangci-lint/cmd/[email protected]
golangci-lint run --timeout 3m --verbose

.PHONY: update-aws-deps
update-aws-deps:
@grep aws-sdk-go-v2 go.mod | grep -v '// indirect' | sed 's/^[\t\s]*//g' | sed 's/\s.*//g' | xargs go get
@go mod tidy
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# trivy-aws
Loading

0 comments on commit e84aac3

Please sign in to comment.