Commit Graph

348 Commits (8116ac4ccfbc1da412bb9dafb613a84037c702f2)

Author SHA1 Message Date
sundowndev 460ac9f767 fix: filter out s3 buckets from different regions 2021-03-17 17:23:36 +01:00
Elie 2ed311e10d
Fix race conditions when using multiples runners in a single supplier 2021-03-17 16:55:34 +01:00
sundowndev 1155e7c89f refactor: use structured logging 2021-03-17 14:31:19 +01:00
sundowndev 3d8740a921 fix: remove provider initialization message
Fixes #337 - Move the message to debug logs instead of standard logs since it's confusing for the user when scanning.
2021-03-17 14:15:14 +01:00
sundowndev 2a3a8cd122 refactor(cmd): rename header option to headers
headers is more relevant since it's about adding multiple headers at a time.
2021-03-17 13:54:33 +01:00
sundowndev 601fc16a45 Merge branch 'main' into feat/HTTPBackend 2021-03-17 12:23:02 +01:00
Martin Guibert d8665726b9 fix race condition on progress that could cause deadlock 2021-03-17 10:14:43 +01:00
sundowndev 78a2316fd8 Merge branch 'main' into feat/HTTPBackend 2021-03-16 17:10:54 +01:00
Elie 04756eb960
Merge branch 'main' into fix/random_res_nam_acc 2021-03-16 16:58:54 +01:00
sundowndev 4d9f8fa60b chore: fix merge conflict 2021-03-16 16:48:07 +01:00
sundowndev e91ad26591 test: update scan & supplier tests
to include tfstate+http and tfstate+https schemes
2021-03-16 16:35:28 +01:00
Martin Guibert 28d3a6df7e Add progress service that display a spinner until stopped or timeouted 2021-03-16 16:35:20 +01:00
sundowndev 0ad9ac7050 chore: fix lint errors 2021-03-16 16:29:32 +01:00
sundowndev fbb78673f1 feat: create backend options to send HTTP headers
Some users may want to send headers along with the request, for example when authorization is requred.
2021-03-16 16:21:28 +01:00
Martin Guibert 6e67a5d832 add date to res names for dynamo and lambda event source mapping 2021-03-16 15:24:32 +01:00
sundowndev ce1e9ec82b feat(backend): implement http(s) backend 2021-03-16 11:57:48 +01:00
Louis TOUSSAINT 0257b69bd2 Issue 232: Add tests to follow wildcard match checker updates 2021-03-15 12:44:33 +01:00
Louis TOUSSAINT 9780bdf725 Issue 232: Update DriftIgnore to implement new wildcard match checker 2021-03-15 12:44:33 +01:00
Martin Guibert f31a8a8395 Use printer to not break output isolation
added pinter interface to print info
json output use void printer is the path output it stdout
2021-03-15 12:03:35 +01:00
Elie 618b8edad7
Change error message to avoid unrelated error grouping on sentry 2021-03-12 16:47:05 +01:00
Elie 16a3c44624
Merge branch 'main' into fix_aws_db_instance 2021-03-11 11:12:11 +01:00
Elie 64ee24ced8
Fix false positive drift on aws_db_instance 2021-03-11 11:02:20 +01:00
Elie 8769517c49
Fix false positive in aws_db_subnet_group 2021-03-11 10:56:50 +01:00
Louis TOUSSAINT d6595ff9f1 Issue 274: Add line number to logger when encounter invalid driftignore line 2021-03-09 11:59:39 +01:00
Martin Guibert 35dc02099f add pointer to user roles and groups
users, roles and groups can be nil but gocty refuse to deserialize in
this case
2021-03-04 17:44:46 +01:00
Elie 2c1ae57cef
Fix typo in github enumeration error 2021-03-03 11:05:36 +01:00
Elie cb986f573d
Merge branch 'main' into handle_github_listing_error 2021-03-03 10:32:29 +01:00
Elie c70fb41f6b
Merge branch 'main' into issue_151_lotoussa 2021-03-02 15:58:38 +01:00
Elie 1c34d869ed
Merge branch 'main' into add_github_branch_protection 2021-03-02 15:47:18 +01:00
Elie 7d0a28c6e8
Add github_branch_protection 2021-03-02 15:45:21 +01:00
Louis TOUSSAINT 36ffed55c9 Issue 151: Rename ListAllRepositories 2021-03-02 15:25:03 +01:00
Louis TOUSSAINT 11437d03da Issue 151: Add ecr_repository resource tests 2021-03-02 15:25:03 +01:00
Louis TOUSSAINT cf634bfd54 Issue 151: Add ecr_repository resource 2021-03-02 15:25:01 +01:00
Martin Guibert 0933a6a642 add support for aws_lambda_source_event_mapping 2021-03-02 14:44:51 +01:00
Elie 350d8399a8
Handle enumeration error from multiples providers 2021-03-02 14:16:49 +01:00
William Beuil 0287ab12b2
Updates 2021-03-02 12:36:57 +01:00
William Beuil 59998620da
Add github_team_membership 2021-03-02 12:36:57 +01:00
Elie ba8f950aad
Add github membership 2021-03-01 15:05:18 +01:00
Elie c90da70b56
Allow to use a whole local directory as IaC source 2021-02-26 12:41:50 +01:00
William Beuil 839ae746e7
Add kms_alias 2021-02-25 14:19:49 +01:00
Elie e76a8e432b
Merge branch 'main' into res/kms_key 2021-02-25 10:54:51 +01:00
Elie c7155f2c5b
Add github_team 2021-02-25 10:49:46 +01:00
William Beuil 30a9d5cc2d
Add kms_key 2021-02-25 10:44:37 +01:00
Elie a1d84e1f7d
Merge branch 'main' into fea/refacto_rds_repository 2021-02-25 10:34:07 +01:00
Elie a3d21be021
Merge branch 'main' into fea/refacto_lamda_repository 2021-02-25 10:28:31 +01:00
Elie 9f2ac63469
Merge branch 'main' into fix/cloudfront 2021-02-25 10:14:27 +01:00
Elie 1c7778477c
Merge branch 'main' into allow_prefix_usage_in_iac_source_for_s3 2021-02-25 10:05:59 +01:00
Martin Guibert 922626c77c refacto rds supplier and test to use mock and repository 2021-02-24 17:29:57 +01:00
Martin Guibert 984b8feee7 refacto lambda supplier and test to use mock and repository 2021-02-24 16:31:23 +01:00
William Beuil e515c8195f
Update normalization 2021-02-24 15:13:17 +01:00
Elie 5bf6a4ad7a
Add acc test 2021-02-24 14:19:08 +01:00
Elie 69345a5c34
Add state enumerator 2021-02-24 14:18:59 +01:00
Martin Guibert 700879714a refacto ec2 to use repository 2021-02-23 18:47:42 +01:00
Martin Guibert c46096018e refacto route53 to use repository everywhere 2021-02-22 14:14:47 +01:00
Elie 76d98ed8e7
Remove custom mock and add repository for S3 2021-02-18 17:56:48 +01:00
Elie 2f0cc304ae
Fix bucket location returns EU for buckets in eu-west-1 2021-02-18 17:29:31 +01:00
Elie 68d0dbc5f5
Remove fullname display for GH repos 2021-02-18 16:29:22 +01:00
Elie 08ee8b55f3
Fix mistake tests ... 2021-02-18 16:01:22 +01:00
Elie a2e96bb962
Fix mistake 2021-02-18 15:59:45 +01:00
Elie 0c06dfa26a
Merge branch 'main' into go1.16 2021-02-18 15:04:16 +01:00
Martin 22d618f009
Merge branch 'main' into res/cloudfront 2021-02-18 13:31:29 +01:00
Louis TOUSSAINT 1562b4bea7 Issue 226: Update alerter pkg to fit with the Alert interface implementer 2021-02-18 11:23:56 +01:00
Louis TOUSSAINT 4fbb62c377 Issue 226: Update output_test to fit with the Alert interface implementer, also add access denied alert test for output console and json 2021-02-18 11:23:56 +01:00
Louis TOUSSAINT c426e4827a Issue 226: Update aws_route_table_expander to implement Alert interface 2021-02-18 11:23:56 +01:00
Louis TOUSSAINT 0aef6f3184 Issue 226: Update resource_enumeration_error_handler to implement Alert
interface
2021-02-18 11:23:56 +01:00
Louis TOUSSAINT b63533b2df Issue 226: Update console output to display policy if an access denied
is encountered
2021-02-18 11:23:56 +01:00
Louis TOUSSAINT 1ea69565fb Issue 226: Update analyzer pkg to implement Alert interface 2021-02-18 11:23:55 +01:00
Louis TOUSSAINT 399a2c3d58 Issue 226: Modify Alert type to interface and add serializable Alert
struct
2021-02-18 10:55:55 +01:00
Elie db3430921f
Update to go 1.16 2021-02-18 10:16:18 +01:00
William Beuil 476c6c62db
Add cloudfront_distribution resource 2021-02-17 15:52:09 +01:00
Martin Guibert f18ce79086 add support for route53 health check 2021-02-16 18:54:04 +01:00
Elie 2112ef7ada
Remove useless struct 2021-02-16 17:35:42 +01:00
Elie 56a60d9898
Better mocks 2021-02-16 17:35:41 +01:00
Elie cf531bc0a6
Add support for github_repository 2021-02-16 10:56:30 +01:00
Elie e137537596
Add a name to terraform provider 2021-02-16 10:56:29 +01:00
William Beuil b9150d5d2d
Warn on unmanaged security group rules 2021-02-15 15:49:20 +01:00
Elie 8e72b0fc7a
Remove useless provider add in test 2021-02-12 17:05:42 +01:00
Elie 59c061d2f6
Fix aws suppliers and tests to use new provider 2021-02-12 16:29:39 +01:00
Elie cf5d3d1f6d
use generic AZ attribute in suppliers 2021-02-12 16:18:27 +01:00
Elie 0749c72024
Create generic terraform provider 2021-02-12 16:18:26 +01:00
Martin faaf4a3ff1
Merge branch 'main' into fea/dymabodb_table 2021-02-12 10:24:59 +01:00
Martin Guibert 73ffe8280f add support for dynamodb_table 2021-02-11 18:18:08 +01:00
Elie 8bf44f9462
Merge branch 'main' into plugin_log_improvment 2021-02-11 14:55:00 +01:00
Elie 31a3cf52d1
Add new logger for terraform plugin 2021-02-10 15:04:07 +01:00
Elie 74f9a2cdfc
Merge branch 'main' into better_error_handling 2021-02-10 15:00:34 +01:00
Elie 5e0484ac9d
Use errors.Errorf 2021-02-10 14:37:59 +01:00
Martin Guibert 5be35dbb0f add polling for sns acc tests 2021-02-10 10:59:37 +01:00
Elie ca7694084e
ignore usage errors from sentry capture 2021-02-09 22:19:24 +01:00
Elie eddb5a9485
make driftctl Run() return proper error 2021-02-09 19:44:27 +01:00
Elie b2cf465aeb
Use pkg/errors to view stack on sentry 2021-02-09 19:43:39 +01:00
Elie e30ab6eb2b
Fix acc test lockfile diffs 2021-02-09 18:12:49 +01:00
Elie 3dacdc8fea
Merge branch 'main' into issue_184_lotoussa 2021-02-09 14:01:14 +01:00
Louis TOUSSAINT 2e0a36e9d8 ISSUE 184: Create test file for aws_iam_access_key stringer 2021-02-09 13:29:35 +01:00
Louis TOUSSAINT 9679667bda ISSUE 184: Improve aws_iam_access_key_ext output by creating stringer 2021-02-09 11:00:28 +01:00
Martin Guibert 0916a37d7e fix policies in topic subscription not beeing tag as jsonstring 2021-02-09 10:52:27 +01:00
Elie 9f93dcee2a
Merge branch 'main' into remove_aws_from_provider_install 2021-02-09 10:25:54 +01:00
Elie bc8b1f53a0
Merge pull request #228 from cloudskiff/fix_default_drift_sns_topic
Fix false positive drifts on aws_sns_topic
2021-02-08 18:43:14 +01:00
Elie 2f7fa28622
Fix false positive drifts on aws_sns_topic 2021-02-08 18:38:57 +01:00
Elie 03af2ca770
Fix policy displayed inline 2021-02-08 18:36:20 +01:00
Elie 792d09cd0b
Make provider install and download independent from aws 2021-02-08 16:42:35 +01:00
Elie a956cf938a
Merge branch 'main' into issues_79_lotoussa 2021-02-08 15:35:19 +01:00
Louis TOUSSAINT d28dd21345 ISSUE 79: Rewrite humanString statement in console.go 2021-02-08 15:26:13 +01:00
Louis TOUSSAINT 04039f7aff ISSUE 79: Create a more readable aws_route53_zone output 2021-02-08 13:46:36 +01:00
Louis TOUSSAINT 738d2234ee ISSUE 79: Create a more readable aws_route53_record output 2021-02-08 13:46:32 +01:00
Martin Guibert 18f7ad6bb8 add support for aws_sns_topic_subscription 2021-02-08 12:09:38 +01:00
Elie bc0c052f4b
Merge branch 'main' into fix_s3_acc_test_collisions 2021-02-05 16:15:41 +01:00
Elie 14e742a4e6
Add random string in s3 acc test bucket name 2021-02-05 16:07:21 +01:00
Martin Guibert 7041cf12e5 add support for sns_topic_policy
modify sns_topic support so that we create sns_topic_policy for inline
policy
2021-02-05 14:08:28 +01:00
Elie f87d3e4691
Merge branch 'main' into handle_invalid_routes_in_table 2021-02-05 13:42:18 +01:00
Elie 5b9b70c525
Remove reference used in loops 2021-02-04 22:45:10 +01:00
William Beuil dcee6fd6b3
Add retry mechanism for polling, use it to poll sqs queues during acc tests 2021-02-04 22:16:18 +01:00
Martin Guibert 06469bd62d add acceptency test 2021-02-04 09:37:33 +01:00
Martin Guibert dad6bbff73 fix doc, add aws permissions for sns topics 2021-02-04 09:37:33 +01:00
Martin Guibert 740b872e01 update test, stringer for sns topic, refacto client into repository 2021-02-04 09:36:42 +01:00
Martin Guibert 7351511dd1 add support for sns_topic 2021-02-04 09:36:42 +01:00
William Beuil 0d738f9dc4
Update SQS suppliers and tests 2021-02-03 21:08:57 +01:00
William Beuil d3c542c004
Add aws_sqs_queue_policy 2021-02-03 20:52:52 +01:00
William Beuil ad5ad4cc76
Add aws_sqs_queue 2021-02-03 20:52:51 +01:00
Elie 04fe9c4d40
Fix unexpected deleted resources in acceptance tests
Cobra cmd seems to return flag twice when executed multiples times
2021-02-03 19:20:21 +01:00
Elie a8f0300405
Handle invalid route crash in middlewares 2021-02-03 16:24:55 +01:00
Elie aacf6c6768
Make sentry attach stack for every report 2021-02-03 15:49:26 +01:00
Elie 8963a4c029
Add CI config to schedule acceptance tests 2021-02-02 18:48:39 +01:00
msfendourakis d9d1d01958 use continue instead of else to skip empty lines and comments 2021-02-01 14:37:57 +02:00
msfendourakis f926abe009 fix: add newline in the EOF 2021-02-01 14:11:14 +02:00
msfendourakis c8ad6d555a Merge branch 'main' into skip_driftignore_warns 2021-02-01 13:58:34 +02:00
msfendourakis 6884ca9477 skip comments or empty lines after scan 2021-02-01 13:56:47 +02:00
msfendourakis 7b822ec534 check if line is empty or commented out after scan 2021-02-01 13:35:25 +02:00
msfendourakis d0b72d0a32 add empty line and comment 2021-02-01 13:32:02 +02:00
Elie 5daec82ecc
Remove singleton to fix issues when chain multiples cmd run
We have some issue when running acceptance test, more generally
when we use to execute scan cmd multiples times.
We were using global singletons for provider and resources suppliers
managment which lead us to improper state in the second scan run.
We should avoid this in the future and make proper initialization of our
dependencies maybe using a dependency injection container.
2021-02-01 11:49:50 +01:00
msfendourakis 7b2db4ca87 skip warnings on commented out and empty lines 2021-02-01 12:24:44 +02:00
William BEUIL 31e20a1b88
Merge branch 'main' into acc_test_fixes 2021-01-29 18:38:58 +01:00
Elie f06a426f90
Fix acceptance test issues
- Set all test AZ to us-east-1
- Use terraform overriden env in PreCheck() to ensure mutations are
  executed with read write credentials
- Fix hidden error in aws_instance test (tag creation failure was not
  handled
- Minor fmt fix
2021-01-29 18:36:26 +01:00
Elie 61b81c209c
Merge branch 'main' into fea/alert_res_list 2021-01-29 16:29:34 +01:00
Elie 43dcb8609f
Merge branch 'v0.3' 2021-01-29 13:00:06 +01:00
Martin Guibert 95777b42c5 hotfix for multiple computed alert being send 2021-01-29 12:43:46 +01:00
Martin Guibert bebf5c887c alert and ignore when listing resources is forbidden 2021-01-29 10:19:52 +01:00
sshota0809 8da505153f Make DCTL_NO_VERSION_CHECK accept any value
Closed: #162

Signed-off-by: sshota0809 <8736380+sshota0809@users.noreply.github.com>
2021-01-29 18:15:31 +09:00
Elie 3618aa5769
Merge branch 'main' into fix/bucket_policy 2021-01-28 16:50:08 +01:00
Elie c4c5499cb6
Return exit code 1 when infrastructure not in sync 2021-01-28 14:34:21 +01:00
William Beuil 54a7bb211d
Middleware to explode inline policy 2021-01-28 10:37:59 +01:00
Elie aeafb861d7
Add support for terraform modules 2021-01-25 15:41:21 +01:00
Elie 554f6c7736
Merge branch 'main' into fix_iam_user_false_positive 2021-01-25 11:36:29 +01:00
Elie 046c4ae04f
Fix false positive drift on aws_iam_user 2021-01-25 11:35:17 +01:00
Martin 1c92f12c54
Merge branch 'main' into fea/send_one_aler_computed 2021-01-22 14:38:38 +01:00
Martin Guibert e47075729c only send one alert for computed fields 2021-01-22 14:37:24 +01:00
Elie 639b9b2725
Merge branch 'main' into completion 2021-01-22 11:45:26 +01:00
William Beuil fad0147566
Add middleware 2021-01-22 11:32:56 +01:00
William Beuil 814eb1a692
Updates 2021-01-22 11:10:11 +01:00
William Beuil ecb1007a62
Completion command with tests 2021-01-22 10:57:27 +01:00
Martin Guibert 7db31a1399 only sent one alert for computed fieds 2021-01-21 18:05:29 +01:00
William Beuil 734adf5cea
Add aws_internet_gateway resource 2021-01-21 16:00:16 +01:00
Elie 4543525f16
Merge branch 'main' into add_aws_nat_gateway 2021-01-21 15:28:50 +01:00
Elie 24ae387019
Remove unwanted resources from IaC test 2021-01-21 10:44:07 +01:00
Elie 4faab489d2
Add aws_nat_gateway 2021-01-21 09:53:04 +01:00
Elie 211cd53f8d
Add route_table_association 2021-01-20 13:50:32 +01:00
Elie 81c608973b
Add support for multiples IaC sources 2021-01-18 17:56:21 +01:00
William Beuil ddfb22263f
Refactor isDefaultSecurityGroup function 2021-01-15 17:03:16 +01:00
William Beuil bd233350a9
Add aws_default_security_group 2021-01-15 17:03:16 +01:00
Elie 3eb84e0500
Add aws_route, aws_route_table, aws_default_route_table support 2021-01-14 18:23:59 +01:00
Elie 6508ed4ec9
Fix a weakness in analyzer 2021-01-14 18:17:34 +01:00
Elie 7662214f95
Merge branch 'main' into fix_useless_exported_fields 2021-01-11 19:58:40 +01:00
Elie c457f125e2
Remove useless exports in VPC supplier 2021-01-11 18:18:55 +01:00
Elie 06abff67ba
Add support for aws_subnet and aws_default_subnet 2021-01-11 18:16:16 +01:00
William Beuil 011b380fcf
Review updates 2021-01-11 17:34:04 +01:00
William Beuil 71d0d7d224
Change computed field logic 2021-01-11 17:34:04 +01:00
William Beuil 8e5b6de9b2
Add alerting 2021-01-11 17:34:04 +01:00
Elie 5e6288000f
Start by reading IaC before enumerate cloud resources
Ensure IaC source are valid prevent us to fail after a potentially long
running cloud resources scan.
2021-01-08 12:10:25 +01:00
Elie 1a05e3ef33
Merge branch 'main' into fix_crash_for_s3_buckets 2021-01-07 10:18:36 +01:00
Elie 8a06eaa318
Fix crash for buckets in us-east-1 2021-01-07 10:06:08 +01:00
Elie c83b538d6a
Several improvements on acceptance tests
- Add filter on aws_instance test
- Add terraform locks
- Do not run terraform init if already done previously
- Do not use chdir in tests (it could cause race if we want to switch to parallel tests, uses --from arg instead)
- Handle terraform destroy errors
2021-01-06 17:57:32 +01:00
Elie 97575cb27f
Make driftignore fields case-insensitive 2021-01-06 15:59:01 +01:00
Elie 7d6b6a86f8
Merge branch 'main' into fix/records 2021-01-06 14:48:05 +01:00
William Beuil 563f1a9ed3
Fix records that has the same FQDN 2021-01-06 14:44:09 +01:00
Elie 896edb91d8
Ignore unknown attributes error in state 2021-01-06 12:38:53 +01:00
Elie 28b44e57d7
Capture panic in // runner and fwd to sentry 2021-01-06 09:56:42 +01:00
Elie e77a5b390a
Remove invalid chars in filenames (for windows) 2021-01-05 17:42:34 +01:00
Elie 12db6eeb40
Merge branch 'main' into add_crash_reporting 2021-01-05 15:30:31 +01:00
Elie efb5fddf5a
Add sentry error reporting 2021-01-05 15:19:08 +01:00
Elie 88b1379730
Fix test execution failed on darwin 2021-01-05 14:38:42 +01:00
William BEUIL c4484dce8d
Merge branch 'main' into fix_broken_ignore 2021-01-04 18:08:12 +01:00
Elie 1d71ca53a2
Merge branch 'main' into fix/route-53 2021-01-04 16:40:45 +01:00
Elie ced1260898
Fix broken driftignore 2021-01-04 16:19:34 +01:00
William Beuil 1bde15eb6c
Add acceptance test 2021-01-04 15:51:22 +01:00
Elie 6aceaff771
Some review fixes 2021-01-04 14:40:19 +01:00
William Beuil 98d1021505
Rely on the FQDN to compare two route53 records 2021-01-04 13:47:02 +01:00
Martin Guibert 2a363841ed refactor effective filtering into analyzer 2020-12-23 15:58:38 +01:00
Martin Guibert 42207e3be1 add ability to ignore field drift 2020-12-23 14:53:16 +01:00
William BEUIL 4a3ef8751e
Merge branch 'main' into fix/fail_on_bad_fmt 2020-12-23 11:13:52 +01:00
Martin Guibert 1adac9f085 fix formatting issues 2020-12-23 10:56:56 +01:00
William Beuil 539b525df5
Consistency across resources 2020-12-22 12:17:04 +01:00
Stephane Jourdan 69083d2739 fix minor typo reported by user 2020-12-19 09:48:56 +01:00
Elie bbe91ffef0
Add aws vpc support 2020-12-17 18:26:37 +01:00
Elie 711ffde3a2
Add env to disable version check 2020-12-17 15:32:18 +01:00
Elie 2282ebadad
Avoid to display false positive drift on instances when eip attached 2020-12-14 12:22:29 +01:00
Stephane Jourdan 4f336a30a1 move deprecated version out of provider 2020-12-14 11:03:42 +01:00
Elie f4714af0cc
Fix acceptance tests
- Better terraform error output
- Remove terraform version constraint in test files
2020-12-14 10:50:45 +01:00
Martin Guibert 23e7d14707 Add the same normalization from state and remote 2020-12-11 11:45:33 +01:00
Elie ff72de8e77
🍾 Initial release
Co-authored-by: William BEUIL <william.beuil@cloudskiff.com>
Co-authored-by: Martin GUIBERT <martin@cloudskiff.com>
2020-12-09 16:35:26 +01:00