chain-bench icon indicating copy to clipboard operation
chain-bench copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

chain bench config file and output assertion rules

Open itaywol opened this issue 3 years ago • 2 comments

My idea here is creating a .chain-benchrc | chain-bench.config.json file that the repository will hold And upon running the cli in the context of that repository it will read that config file for any configuration for chain-bench

Leveraging that config file, add rules key into the json with sub keys pass and fail those will hold assertions over the json output of chain-bench that will decide what will be the exit code.

For now when I want to assert over the chain bench output (JSON format), I am doing it with jq or rego.

itaywol avatar Jul 08 '22 08:07 itaywol

Something like so

{
    "quiet":true, // Other configurations here
    "rules": {
        "https://github.com/aquasecurity/*": { // Supporting wildcards
            "fail":{
                "1.1.3": {
                    "result":"Failed"
                },
                "1.1.14": ["Failed","Unknown"] // Alternatively supporting couple of results
            }
        }

    }
}

So everytime you run chain-bench against any repository in aquasecurity the following rules will be applied

itaywol avatar Jul 08 '22 09:07 itaywol

Like that! will be great feature, we'll take it 🙏🏽

naortalmor1 avatar Jul 21 '22 10:07 naortalmor1