add BC token deprecation notice and v3 migration guide

bridgecrewio · Oct 14, 2023 · 9915628 · 9915628
1 parent 1e50959
commit 9915628
Show file tree

Hide file tree

Showing 3 changed files with 68 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -37,6 +37,7 @@ Checkov also powers [**Bridgecrew**](https://bridgecrew.io/?utm_source=github&ut
 - [Getting Started](#getting-started)
 - [Disclaimer](#disclaimer)
 - [Support](#support)
+- [Migration - v2 to v3](docs/1.Welcome/Migration.md)
 
  ## Features
 

diff --git a/checkov/common/bridgecrew/platform_integration.py b/checkov/common/bridgecrew/platform_integration.py
@@ -170,7 +170,16 @@ def is_token_valid(token: str) -> bool:
         parts = token.split('::')
         parts_len = len(parts)
         if parts_len == 1:
-            return BcPlatformIntegration.is_bc_token(token)
+            valid = BcPlatformIntegration.is_bc_token(token)
+            if valid:
+                print(
+                    "We're glad you're using Checkov with Bridgecrew!\n"
+                    "Bridgecrew has been fully integrated into Prisma Cloud with a powerful code to cloud experience.\n"
+                    "As a part of the transition, we will be shutting down Bridgecrew standalone edition at the end of 2023 (https://www.paloaltonetworks.com/services/support/end-of-life-announcements).\n"
+                    "Please upgrade to Prisma Cloud Enterprise Edition before the end of the year.\n"
+                )
+
+            return valid
         elif parts_len == 2:
             # A Prisma access key is a UUID, same as a BC API key
             if BcPlatformIntegration.is_bc_token(parts[0]) and parts[1] and BASE64_PATTERN.match(parts[1]) is not None:

diff --git a/docs/1.Welcome/Migration.md b/docs/1.Welcome/Migration.md
@@ -0,0 +1,57 @@
+---
+layout: default
+published: true
+title: Migration
+nav_order: 5
+---
+
+# Migration - v2 to v3
+
+With v3 not only new features were added, but following behaviour changed or was completely removed.
+We plan to release the new version end of October 2023.
+
+## Remove of "level up"
+
+Since Bridgecrew standalone edition will be shutting down at the [end of 2023](https://www.paloaltonetworks.com/services/support/end-of-life-announcements) we removed the "level up" flow, 
+which is triggered by just running `checkov` without any flag.
+
+## Python custom checks
+
+If you are still using the old syntax of running your custom code
+
+```python
+from __future__ import annotations
+
+from typing import Any
+
+from checkov.common.models.enums import CheckResult
+from checkov.terraform.checks.resource.base_resource_check import BaseResourceCheck
+
+
+class Example(BaseResourceCheck):
+    ...
+
+    def scan_resource_conf(self, conf: dict[str, list[Any]], entity_type: str) -> CheckResult:
+        ...
+```
+
+then you can easily use the simplified syntax and still access `entity_type`, if needed
+
+```python
+from __future__ import annotations
+
+from typing import Any
+
+from checkov.common.models.enums import CheckResult
+from checkov.terraform.checks.resource.base_resource_check import BaseResourceCheck
+
+
+class Example(BaseResourceCheck):
+    ...
+
+    def scan_resource_conf(self, conf: dict[str, list[Any]]) -> CheckResult:
+        if self.entity_type == 'aws_instance':
+            ...
+
+        ...
+```