From e84217e7d7822b09bd40c6267628a957bb8da8e2 Mon Sep 17 00:00:00 2001 From: Darren Murray Date: Fri, 9 Apr 2021 13:43:07 +0100 Subject: [PATCH 1/2] fix: Json result adheres to filters for cmd get-report(aws,gcp,azure) Signed-off-by: Darren Murray --- cli/cmd/compliance.go | 8 ++------ cli/cmd/compliance_aws.go | 12 +++++++++--- cli/cmd/compliance_azure.go | 12 +++++++++--- cli/cmd/compliance_gcp.go | 12 +++++++++--- integration/compliance_aws_test.go | 11 +++++++++++ 5 files changed, 40 insertions(+), 15 deletions(-) diff --git a/cli/cmd/compliance.go b/cli/cmd/compliance.go index d39d096ad..911b9b660 100644 --- a/cli/cmd/compliance.go +++ b/cli/cmd/compliance.go @@ -189,12 +189,8 @@ func complianceReportSummaryTable(summaries []api.ComplianceSummary) [][]string } } -func complianceReportRecommendationsTable(recommendations []api.ComplianceRecommendation) ([][]string, string) { +func complianceReportRecommendationsTable(recommendations []api.ComplianceRecommendation) [][]string { out := [][]string{} - var filteredOutput string - if complianceFiltersEnabled() { - recommendations, filteredOutput = filterRecommendations(recommendations) - } for _, recommend := range recommendations { out = append(out, []string{ recommend.RecID, @@ -211,7 +207,7 @@ func complianceReportRecommendationsTable(recommendations []api.ComplianceRecomm return severityOrder(out[i][3]) < severityOrder(out[j][3]) }) - return out, filteredOutput + return out } func buildComplianceReportTable(detailsTable, summaryTable, recommendationsTable [][]string, filteredOutput string) string { diff --git a/cli/cmd/compliance_aws.go b/cli/cmd/compliance_aws.go index 1a6f7780e..9290013dd 100644 --- a/cli/cmd/compliance_aws.go +++ b/cli/cmd/compliance_aws.go @@ -159,12 +159,18 @@ To run an ad-hoc compliance assessment of an AWS account: return errors.New("there is no data found in the report") } + report := response.Data[0] + filteredOutput := "" + + if complianceFiltersEnabled() { + report.Recommendations, filteredOutput = filterRecommendations(report.Recommendations) + } + if cli.JSONOutput() { - return cli.OutputJSON(response.Data[0]) + return cli.OutputJSON(report) } - report := response.Data[0] - recommendations, filteredOutput := complianceReportRecommendationsTable(report.Recommendations) + recommendations := complianceReportRecommendationsTable(report.Recommendations) cli.OutputHuman("\n") cli.OutputHuman( buildComplianceReportTable( diff --git a/cli/cmd/compliance_azure.go b/cli/cmd/compliance_azure.go index d16676e34..a40c9ad99 100644 --- a/cli/cmd/compliance_azure.go +++ b/cli/cmd/compliance_azure.go @@ -188,12 +188,18 @@ To run an ad-hoc compliance assessment use the command: return errors.New("there is no data found in the report") } + report := response.Data[0] + filteredOutput := "" + + if complianceFiltersEnabled() { + report.Recommendations, filteredOutput = filterRecommendations(report.Recommendations) + } + if cli.JSONOutput() { - return cli.OutputJSON(response.Data[0]) + return cli.OutputJSON(report) } - report := response.Data[0] - recommendations, filteredOutput := complianceReportRecommendationsTable(report.Recommendations) + recommendations := complianceReportRecommendationsTable(report.Recommendations) cli.OutputHuman("\n") cli.OutputHuman( buildComplianceReportTable( diff --git a/cli/cmd/compliance_gcp.go b/cli/cmd/compliance_gcp.go index bcb47c90f..d9549afef 100644 --- a/cli/cmd/compliance_gcp.go +++ b/cli/cmd/compliance_gcp.go @@ -158,13 +158,19 @@ To run an ad-hoc compliance assessment use the command: return errors.New("there is no data found in the report") } + report := response.Data[0] + filteredOutput := "" + + if complianceFiltersEnabled() { + report.Recommendations, filteredOutput = filterRecommendations(report.Recommendations) + } + if cli.JSONOutput() { - return cli.OutputJSON(response.Data[0]) + return cli.OutputJSON(report) } - report := response.Data[0] + recommendations := complianceReportRecommendationsTable(report.Recommendations) cli.OutputHuman("\n") - recommendations, filteredOutput := complianceReportRecommendationsTable(report.Recommendations) cli.OutputHuman( buildComplianceReportTable( complianceGcpReportDetailsTable(&report), diff --git a/integration/compliance_aws_test.go b/integration/compliance_aws_test.go index e43b9a07b..94deceae6 100644 --- a/integration/compliance_aws_test.go +++ b/integration/compliance_aws_test.go @@ -84,3 +84,14 @@ func TestComplianceAwsGetReportDetails(t *testing.T) { assert.Contains(t, out.String(), "ASSESSED", "STDOUT table headers changed, please check") } + +func TestComplianceAwsGetReportFiltersWithJsonOutput(t *testing.T) { + account := os.Getenv("LW_INT_TEST_AWS_ACC") + out, err, exitcode := LaceworkCLIWithTOMLConfig("compliance", "aws", "get-report", account, "--severity", "critical", "--json") + severities := []string{"\"severity\": 2","\"severity\": 3","\"severity\": 4", "\"severity\": 5"} + assert.Empty(t, err.String(), "STDERR should be empty") + assert.Equal(t, 0, exitcode, "EXITCODE is not the expected one") + // When critical severity filter is set, other severities should not be returned in json result + assert.NotContains(t, severities, out.String(), + "Json output does not adhere to severity filter") +} \ No newline at end of file From 83f5c34cfbe8f41d5c1534faa1cbbf2fe87dbd55 Mon Sep 17 00:00:00 2001 From: Darren Murray Date: Mon, 12 Apr 2021 18:59:04 +0100 Subject: [PATCH 2/2] test: Add test for event list with severity filter and json flag Signed-off-by: Darren Murray --- integration/event_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/integration/event_test.go b/integration/event_test.go index dd5a7d48a..5c5cf2668 100644 --- a/integration/event_test.go +++ b/integration/event_test.go @@ -135,3 +135,15 @@ func TestEventCommandOpenError(t *testing.T) { assert.Equal(t, 1, exitcode, "EXITCODE is not the expected one") } + +func TestEventCommandListSeverityWithJsonFlag(t *testing.T) { + out, err, exitcode := LaceworkCLIWithTOMLConfig("event", "list", "--severity", "high", "--json") + severities := []string{"\"severity\": 3","\"severity\": 4", "\"severity\": 5"} + assert.Empty(t, + err.String(), + "STDERR should be empty") + assert.Equal(t, 0, exitcode, + "EXITCODE is not the expected one") + assert.NotContains(t, severities, out.String(), + "Json output does not adhere to severity filter") +} \ No newline at end of file