
feat(general): In toto output format

Open SaraWeinberg1234 opened this issue 1 year ago • 2 comments

User description

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

in-toto Attestation

fixes: https://github.com/bridgecrewio/checkov/issues/6208

Description

Added output of in-toto Attestation format

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

  • [x] My code follows the style guidelines of this project
  • [x] I have performed a self-review of my own code
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [ ] I have added tests that prove my feature, policy, or fix is effective and works
  • [x] New and existing tests pass locally with my changes
  • [ ] Any dependent changes have been merged and published in downstream modules

Generated description

Dear maintainer, below is a concise technical summary of the changes proposed in this PR:

Introduce the InTotoOutput class to generate in-toto attestation format outputs for security scans. This class, located in checkov/common/output/in_toto_output.py, calculates SHA256 hashes for files and structures the attestation data. The RunnerRegistry class in checkov/common/runners/runner_registry.py is updated to support the new "in_toto" output format, integrating it into the existing output generation process. Additionally, tests for the InTotoOutput class are added in tests/common/output/test_in_toto_output.py to ensure the correctness of the output generation and writing functionalities.

Topic: InTotoOutput Tests
Details: Add tests for the InTotoOutput class to ensure the correctness of the output generation and writing functionalities.
Modified files (1)
  • tests/common/output/test_in_toto_output.py
Latest Contributors (0)

Topic: InTotoOutput Class
Details: Implement the InTotoOutput class to generate in-toto attestation format outputs for security scans.
Modified files (1)
  • checkov/common/output/in_toto_output.py
Latest Contributors (0)

Topic: RunnerRegistry Update
Details: Update the RunnerRegistry class to integrate the new "in_toto" output format into the existing output generation process.
Modified files (1)
  • checkov/common/runners/runner_registry.py
Latest Contributors (2)
Email | Commit | Date
[email protected] | chore-update-cloudspla... | September 18, 2024
47212872+EmmaVinen@use... | feat-general-allow-too... | September 11, 2024

This pull request is reviewed by Baz. Join @SaraWeinberg1234 and the rest of your team on (Baz).

SaraWeinberg1234 Jun 24 '24 12:06
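
The description above says the new output hashes scanned files with SHA256 and structures the results as an in-toto attestation. The sketch below is an added example, not the PR's `InTotoOutput` code: it builds an in-toto v1 Statement whose subjects carry file digests, then uses those digests to detect files edited after the scan. The predicate type URI, the predicate layout, the check IDs and the function names are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

STATEMENT_TYPE = "https://in-toto.io/Statement/v1"
# Hypothetical predicate type: the page does not say which URI the PR uses.
PREDICATE_TYPE = "https://example.com/attestations/iac-scan/v0.1"

def sha256_file(path):
    """Hash a file in chunks so large inputs are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(65536), b""):
            digest.update(block)
    return digest.hexdigest()

def build_statement(root, results):
    """Bind scan results to the exact content of every scanned file."""
    names = sorted({r["file"] for r in results})
    subject = [{"name": n, "digest": {"sha256": sha256_file(os.path.join(root, n))}}
               for n in names]
    return {"_type": STATEMENT_TYPE, "subject": subject,
            "predicateType": PREDICATE_TYPE,
            "predicate": {"scanner": "checkov", "results": results}}

def stale_subjects(root, statement):
    """Names of subjects whose on-disk content no longer matches the statement."""
    stale = []
    for entry in statement["subject"]:
        path = os.path.join(root, entry["name"])
        if not os.path.isfile(path) or sha256_file(path) != entry["digest"]["sha256"]:
            stale.append(entry["name"])
    return stale

def demo():
    """Constructed input: one Terraform file and two made-up check results."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "main.tf")
        with open(target, "w") as fh:
            fh.write('resource "aws_s3_bucket" "logs" {}\n')
        results = [{"file": "main.tf", "check_id": "CKV_EXAMPLE_1", "result": "FAILED"},
                   {"file": "main.tf", "check_id": "CKV_EXAMPLE_2", "result": "PASSED"}]
        statement = build_statement(root, results)
        fresh = stale_subjects(root, statement)
        with open(target, "a") as fh:  # file edited after the scan
            fh.write("# changed later\n")
        return statement, fresh, stale_subjects(root, statement)
```

The statement here is unsigned, so the digests only tie the results to file contents; they do not prove who produced the scan.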

Hi @SaraWeinberg1234, Thanks for your contribution, please add some tests

matansha Jun 26 '24 08:06

Looks good to me! @tsmithv11 Could you please review it? Thx.

ChanochShayner Jul 15 '24 13:07

Hey @SaraWeinberg1234, Could you please merge the latest changes from the main branch into your branch? Thanks!

MaryArmaly Jan 15 '25 08:01

Fixed! I merged the latest changes from the main branch into my branch (InTotoOutputFormat). The merge was successful, and everything seems to be working as expected.

On Wed, Jan 15, 2025 at 10:20, MaryArmaly <@.***> wrote:

Hey @SaraWeinberg1234 https://github.com/SaraWeinberg1234, Could you please merge the latest changes from the main branch into your branch? Thanks!


SaraWeinberg1234 Jan 15 '25 10:01