Skip to content

Releases: stelligent/config-lint

v0.0.1

11 Apr 18:25
6fb7f8f
Compare
Choose a tag to compare

Changelog

45971d9 Add circleci for project and use goreleaser for managing releases
1d2c1a2 Initial
1fa6ef1 Merge branch 'master' into lambda
f89858b Merge branch 'master' into value_from
361f374 Merge branch 'master' of github.com:lhitchon/config-lint
b0e4062 Merge branch 'master' of github.com:lhitchon/config-lint
1e1e4d2 Merge branch 'master' of github.com:stelligent/config-lint
6fb7f8f Merge pull request #1 from cplee/master
557f9d2 Update README
5685542 ValidationReport now has a single map where keys are violation severity (instead of having a Warnings array and a Failures array. Changed the search option to convert the ValidationReport to JSON, and then search that instead
f7475cf add --rules command line option
b5eae02 add --search option to help develop rules
b3fe2df add --tag command line option to limit rules checked
b117af5 add -validate option, reorder functions in app.go
d257475 add Conditions
1119c25 add Dockerfile-web
aaf31db add LICENSE.md
bf21d60 add LoggingFunction to control debugging output
08b27a0 add RuleID to the ScannedResource type
9cfc227 add SecurityGroupLinter
a6f994a add TODO item
334805e add TODO item to README
0a1d3ec add TODO items
1aa2b21 add TODO to README
423e301 add TerraformResource to improve processing
bdb8fa7 add ValidationResult, organize code into smaller functions
b181cc3 add ValueSource to Linters, pass down to ResourceLinter
515c5ac add a few more operators, with examples
b2b0fe8 add a generic YAML linter, where rules file describes resource in the files to be linted
e79c2e4 add another example to the README
5204189 add aws_ebs_volume
1a575eb add badge
18a9a1d add better error handling for invoke external handler
bc91ddb add collection assertions, test fixtures
24fde43 add dep, VERSION, improve Makefile
e683fcc add documention for --query to README
155e34a add example for s3_bucket, which uses the data keyword, not resource
562913d add example of every expression to generic linter
44bcbfd add example rules for IAM roles
cd202d1 add example rules for SQS
4dda162 add example terraform rules for S3 bucket policies
fe7e36c add example that check for wildcards in IAM policies
0cad7c8 add examples for SNS topic policy
e4342f4 add except attribute to Rule, contains a list of ResourceIds that should be ignored by the rule
866cc38 add except handling to terraform and kubernetes linters
826f7c3 add filename to output for --search
4f7a0b0 add has-properties operator
29f1e92 add helper function to filter resources for a rule
54812f8 add idea to TODO list
7a81455 add interface for ExternalRuleInvoker, add test
01b3276 add interface for fetching values that can read from S3
b876cc4 add invoke property for custom rules
7c0dd8f add is-true, is-false
c3bb53b add lambda entry point
fa6602e add more TODO ideas to README
3a40a18 add more complicated nested boolean test
b98523a add more documentation to README
90c1a66 add more kubernetes examples
38ea858 add new example file of Terraform checks
95ac472 add new linter type to lint-rules.yml
7d1c902 add not operation
9d8089f add not-contains
fa6bd0f add not-empty op
0530ebf add option WEB_ROOT so webserver can find its static content
67e7a17 add present operator, update test data
f5216dd add ruleSet as parameter to Linter.Search so filenames can be filtered
f5d5244 add simple webserver for Terraform demo
1ea6607 add some TODO items to the README
41b693a add some better Kubernetes examples
71bc16e add tags to README
3a204fb add value_type integer, improve tests to always use interface{} to match JSON parsing results
5b33bbe add web/assets directory, use go:generate to create assets.go
998d5f8 add whitespace to kubernetes rule file, add some tags
2f3b77a add xor
96e81bc another place change to isMatch requires the test to be reversed
bd37847 better example for ne in README
961d6fa better example in README for --query
2dfa3cc better examples for security groups
c32b5ff better regexp example
10d327e change contains operation to work differently for strings and arrays
935e314 change how matches are done to add support for new operations: and, or
f201958 change validate function to return []Violation instead of taking a pointer to a ValidationReport
66d7373 change web background to highlight data areas, make results a read only panel
f5091d3 change webserver to use AJAX
47b3d55 clean up golint errors - comments and naming conventions
355fddd clean up security group example rules, add ipv6
0e50c0c clean up some functions in terraform.go, add TODO to README
0682475 convert MockExternalRuleInvoker to simple counter
896d72a convert some lists in README to tables
5bf593f create ValidationReport to accumulate results
c9774f8 create builtin-rules directory
bf5dbb1 define Linter interface, use for two existing linters
6c0301d do filtering for tag and id at the same time, combine the lists
89336cb docs for installation via homebrew
15aecc9 example for ELB logging access config
9ce584f experiment with value_from
b5dd99c extract AWSResourceLinter from SecurityGroupLinter, add IAMUserLinter
dfb36cd extract JSONStringify from SearchData
0bd5549 extract S3 bucket and key from value_from.url
e46323b extract ValidateResources from FileLinter into ResourceLinter, update SecurityGroupLinter to use it
e7b6944 extract call to MustParseRules from terraform and kubernetes functions
2300bce extract some common code into BaseLinter
4d5a064 fix Terraform rules, example config for web
4525f31 fix YAML error in terraform example rules
d83e321 fix build problems with lambda.go
92ece66 fix filter when only tags or ruleIds specified, add better tests
de67063 fix typo in README
22bad46 fix typo in README
8968626 fix typo in lambda log message
c669a7d fix typos in README
2dce325 fix value_type integer conversions
69a86ab for regex use Compile instead of MustCompile
32c5d27 get resources types from files, not a hard-coded list
6499aa2 golint fix: change has_properties to hasProperties
7378d3e handle file with no resource or data elements
a616f88 have CheckAssertion return struct with status and message, add key to isMatch messages
12203b9 have Linter.Validate return files and violations instead of updating a ValidationReport
1c3eb4c have Search return interface{} instead of JSON string
833a967 have YAMLLinter use JMESPath to find resourceID
dea2719 have empty operation work differently based on type
413e53d have expressions return MatchResult instead of bool
7c22f51 have match return MatchResult instead of just a bool to allow for better error reporting
d178241 have rule conditions use andExpression, update rules for -validate, update docs
7512f08 have separate functions to resolve and apply rules, so any external calls to resolve values are only made once per rule
c105e9c have single function to load rules
e02be90 have validate function return ValidationReport instead of separate slices used to make a ValidationReport
9397578 ignore JMESPath errors for --search option
cdb83c0 ignore assume_role_policy that is not a string
9a146ab implement LintRules type to lint the linter
ee4a950 implement value_from for http and https
4433548 improve absent operator
cb87c98 improve error responses for web
358bc2f improve the output a little, probably should print in table format
7df92bc include Log attribute in StandardValueSource
503d9b8 include a list of resources that were scanned in the ValidationReport
f6929cc include all the Terraform rules in web
3f116fd include more builtin-rules for Terraform
8748c3a include user policies in IAMUserLoader
8211ab1 initialize ValidationReport for kubernetes
0018570 make FAILURE the default severity
a46a568 make rule message match actual test
3e9edad make testing helper function non public so testing options are not included in -help for cli
33741c8 make the validate functions a method on the linter types
02eb774 more documentation in README
fecce34 more example security group ingress/egress rules
9f70c72 more examples for README
8906552 more functions into separate files, unit tests for rules and filters
3e0fac2 more golint fixes
0527cb3 more info in message for in operator
26e8845 more operators
29df2dc more output for --search option
e500ed9 move Linter implementations to separate package
2c642ef move builtin validation rules to a string variable
7400d94 move docs for supported operations to separate file
837f518 move makeLinter function to linter.go
5f97ea8 move template and rules to separate files
93b5fd1 move terraform function to terraform file
fe547c2 move value resolution up a level (still should separate resolve and apply)
6fee717 name tests in match_test.go
30c0bba only print single report for all files
49005ed only process items labelled as resources for Terraform
4f9c98f output JSON report, add --query flag to control output
d648986 parse assume_role_policy strings in terraform
4dcb869 pass array of Filter objects to orOperation, andOperation instead of parent object
12a4619 read cloudformation and terraform filenames to scan from command line
7dc8288 read rules for Lambda from S3
9e8ead5 refactor FileLinter code, add ResourceLoader to type instead of func parameter
8051aac refactor assertion_test.go to be more table driven
055d22d refactor filter.go with intermediate boolean functions
27e3c44 refactor invoke.go code, convert to use Post instead of Get
697cd74 refactor linters - create LinterOptions type to group two existing options
6419f32 refactor testing code
b5b6970 remote TODO item from README
4ecbe32 remove --cloudformation option, related files
e961429 remove --terraform option since it is now the only file type supported
7ceeed3 remove a couple TODO items from README
e71c956 remove convertToSlice, use type switch instead
346d4d7 remove duplicate filter functions
0a0a1d4 remove filenames from Linter interface, pass to constructor for linters that use files
87612b9 remove install of goreleaser
39ee7c9 remove more duplication in assertion_test.go
2152f14 remove redundant call to unquoted
4a94c9c remove redundant loop in Rul...

Read more