From c4040f92dc6effaca474f98db02816a5e9febfe2 Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:19:22 -0700 Subject: [PATCH 1/8] add verbose option --- action.yml | 5 +++++ entrypoint.sh | 6 +++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index cf25b69..c872ce8 100644 --- a/action.yml +++ b/action.yml @@ -32,6 +32,9 @@ inputs: sarif_upload: description: 'if true a sarif file named terrascan.sarif will be generated with the results of the scan' required: false + verbose: + description: ' will show violations with details (applicable for default output)' + required: false runs: using: 'docker' image: 'Dockerfile' @@ -46,6 +49,8 @@ runs: - ${{ inputs.config_path }} - ${{ inputs.only_warn }} - ${{ inputs.sarif_upload }} + - ${{ inputs.verbose }} + branding: icon: 'code' color: 'blue' diff --git a/entrypoint.sh b/entrypoint.sh index aba648f..74efd87 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,6 +11,8 @@ echo "INPUT_POLICY_PATH=${INPUT_POLICY_PATH}" echo "INPUT_SKIP_RULES=${INPUT_SKIP_RULES}" echo "INPUT_CONFIG_PATH=${INPUT_CONFIG_PATH}" echo "INPUT_SARIF_UPLOAD=${INPUT_SARIF_UPLOAD}" +echo "INPUT_VERBOSE=${INPUT_VERBOSE}" + # Creating arguments for terrascan args="" @@ -38,7 +40,9 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi - +if[ ${INPUT_VERBOSE} == true] + args="${args} -v" +fi # Executing terrascan echo "Executing terrascan as follows:" echo "terrascan scan ${args}" From e58476cadecce798363a99fff12074eede0fbc88 Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:25:59 -0700 Subject: [PATCH 2/8] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 74efd87..a5e1946 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi -if[ ${INPUT_VERBOSE} == true] +if [ ${INPUT_VERBOSE} == true] args="${args} -v" fi # Executing terrascan From 684e23e272bddb3f826f772b4cfb1209539d04f2 Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:28:17 -0700 Subject: [PATCH 3/8] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index a5e1946..5c5616e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi -if [ ${INPUT_VERBOSE} == true] +if [ ${INPUT_VERBOSE} == true]; then args="${args} -v" fi # Executing terrascan From 4c1aa4f119d7f96802f7cbc2560d5aaeb06a19d1 Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:36:30 -0700 Subject: [PATCH 4/8] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5c5616e..3a5c371 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi -if [ ${INPUT_VERBOSE} == true]; then +if [ ${INPUT_VERBOSE} == 'true']; then args="${args} -v" fi # Executing terrascan From 7f10c6c650b7658554e67e8092a6a2fe4c8923ff Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:41:44 -0700 Subject: [PATCH 5/8] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 3a5c371..584d1be 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi -if [ ${INPUT_VERBOSE} == 'true']; then +if [ ${INPUT_VERBOSE} == 'true' ]; then args="${args} -v" fi # Executing terrascan From ec58a01d256e369538a24c27fb12cc09836f792d Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:44:15 -0700 Subject: [PATCH 6/8] Update entrypoint.sh --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 584d1be..8237fd4 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -40,7 +40,7 @@ fi if [ "x${INPUT_CONFIG_PATH}" != "x" ]; then args="${args} -c ${INPUT_CONFIG_PATH}" fi -if [ ${INPUT_VERBOSE} == 'true' ]; then +if [ ${INPUT_VERBOSE} == true ]; then args="${args} -v" fi # Executing terrascan From e7a6f05a4cf6ec27a0b1b939a2d477879b828081 Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:49:18 -0700 Subject: [PATCH 7/8] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 6be77a7..d26b0aa 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,9 @@ The action will only warn and not error when violations are found. ### `sarif_upload` If this variable is included, a sarif file named terrascan.sarif will be generated with the results of the scan. +### `verbose` +If this variable is included, the scan will show violations with additional details (Rule Name/ID, Resource Name/Type, Violation Category) + ## Example usage ```yaml @@ -52,6 +55,7 @@ jobs: iac_version: 'v14' policy_type: 'aws' only_warn: true + verbose: true #sarif_upload: true #non_recursive: #iac_dir: From bc78e73767f526f8475089f47218ae63c3e4e79c Mon Sep 17 00:00:00 2001 From: mihirhasan Date: Mon, 2 Aug 2021 12:54:56 -0700 Subject: [PATCH 8/8] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index c872ce8..2aa5cea 100644 --- a/action.yml +++ b/action.yml @@ -33,7 +33,7 @@ inputs: description: 'if true a sarif file named terrascan.sarif will be generated with the results of the scan' required: false verbose: - description: ' will show violations with details (applicable for default output)' + description: ' will show violations with additional details (applicable for default output)' required: false runs: using: 'docker'