Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added support for exception rules in Scan API ( As a HTTP request) #1591

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

added support for exception rules in Scan API ( As a HTTP request) #1591

wants to merge 2 commits into from

Conversation

Sanskarzz
Copy link

@Sanskarzz Sanskarzz commented Jan 21, 2024
edited

Overview

  • Update opa-utils from v0.0.273 to v0.0.275 to add Exception in --data payload
  • Added loadexception function which runs when scanRequest or payload contains an Exception

Examples/Screenshots

Here is the command to test weather the Exception Payload is load or not

curl --header "Content-Type: application/json"   --request POST   --data '{"Exceptions": [{"name":"exclude-allowed-hostPath-control","policyType":"postureExceptionPolicy","actions":["alertOnly"],"resources":[{"designatorType":"Attributes","attributes":{"kind":".*"}}],"posturePolicies":[{"controlName":"HostPath mount"}]}]}'   http://127.0.0.1:8080/v1/scan

I used this Exception example exclude-allowed-hostPath-control

Here are results screenshots
Screenshot from 2024-01-21 22-36-52

Related issues/PRs:

fixes : #1580

@Sanskarzz
added support for exception rules
b52ea57 
Signed-off-by: Sanskarzz <sanskar.gur@gmail.com>
@Sanskarzz Sanskarzz changed the title added support for exception rules added support for exception rules in Scan API ( As a HTTp request) Jan 21, 2024
@Sanskarzz Sanskarzz changed the title added support for exception rules in Scan API ( As a HTTp request) added support for exception rules in Scan API ( As a HTTP request) Jan 21, 2024
@yuleib yuleib requested a review from matthyx January 22, 2024 06:41
@Sanskarzz
Copy link
Author

Screenshot from 2024-02-05 15-45-50

@dwertent
Copy link
Contributor

dwertent commented Feb 5, 2024

#1591 (comment)
You will need to handle the error from the returned function.
If there is an error, print a warning message.

@Sanskarzz
Copy link
Author

any update on this

@dwertent
Copy link
Contributor

dwertent commented Mar 4, 2024

@Sanskarzz Please rebase from main :)

@Sanskarzz Sanskarzz force-pushed the scanapiexception branch 2 times, most recently from ada7051 to b52ea57 Compare March 5, 2024 07:16
@Sanskarzz
Merge branch 'master' into scanapiexception
76f8076 
Signed-off-by: Sanskar Gurdasani <92817635+Sanskarzz@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dwertent dwertent dwertent requested changes

@matthyx matthyx Awaiting requested review from matthyx

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Scan API - support for exception rules
2 participants
@Sanskarzz @dwertent