Skip to content

Commit

Permalink
fix(queries): add suffix In Defaults for Ansible config queries (#7314)
Browse files Browse the repository at this point in the history 
* add suffix In Defaults for ansible config queries

* fix nifcloud readme
  • Loading branch information
@cx-ruiaraujo
cx-ruiaraujo authored Jan 17, 2025
1 parent 4bf94f2 commit b7ff43f
Show file tree
Hide file tree
Showing 27 changed files with 23 additions and 23 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@ Find security vulnerabilities, compliance issues, and infrastructure misconfigur
</a>
</td>
<td>
<a href="https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#nifcloud_for_terraform">
<a href="https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#nifcloud-for-terraform">
<img alt="NIFCloud" src="docs/img/logo-nifcloud.png" width="110">
</a>
</td>
Expand Down
7 changes: 0 additions & 7 deletions ...ts/queries/ansible/config/allow_unsafe_lookups_enabled/test/positive_expected_result.json
View file

This file was deleted.

2 changes: 1 addition & 1 deletion ...llow_unsafe_lookups_enabled/metadata.json → ...lookups_enabled_in_defaults/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"id": "86b97bb4-85c9-462d-8635-cbc057c5c8c5",
"queryName": "Allow Unsafe Lookups Enabled",
"queryName": "Allow Unsafe Lookups Enabled In Defaults",
"severity": "HIGH",
"category": "Insecure Configurations",
"descriptionText": "When enabled, this option allows lookup plugins to return data that is not marked 'unsafe'.",
Expand Down
0 ...g/allow_unsafe_lookups_enabled/query.rego → ...fe_lookups_enabled_in_defaults/query.rego
View file
File renamed without changes.
0 ...unsafe_lookups_enabled/test/negative1.cfg → ...ps_enabled_in_defaults/test/negative1.cfg
View file
File renamed without changes.
0 ...unsafe_lookups_enabled/test/negative2.cfg → ...ps_enabled_in_defaults/test/negative2.cfg
View file
File renamed without changes.
0 ...unsafe_lookups_enabled/test/positive1.cfg → ...ps_enabled_in_defaults/test/positive1.cfg
View file
File renamed without changes.
7 changes: 7 additions & 0 deletions ...nsible/config/allow_unsafe_lookups_enabled_in_defaults/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
[
{
"queryName": "Allow Unsafe Lookups Enabled In Defaults",
"severity": "HIGH",
"line": 19
}
]
7 changes: 0 additions & 7 deletions assets/queries/ansible/config/communication_over_http/test/positive_expected_result.json
View file

This file was deleted.

2 changes: 1 addition & 1 deletion ...fig/communication_over_http/metadata.json → ...ation_over_http_in_defaults/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"id": "d7dc9350-74bc-485b-8c85-fed22d276c43",
"queryName": "Communication over HTTP",
"queryName": "Communication Over HTTP In Defaults",
"severity": "MEDIUM",
"category": "Insecure Configurations",
"descriptionText": "Using HTTP URLs (without encryption) could lead to security vulnerabilities and risks",
Expand Down
0 ...config/communication_over_http/query.rego → ...nication_over_http_in_defaults/query.rego
View file
File renamed without changes.
0 ...ommunication_over_http/test/negative1.cfg → ..._over_http_in_defaults/test/negative1.cfg
View file
File renamed without changes.
0 ...ommunication_over_http/test/positive1.cfg → ..._over_http_in_defaults/test/positive1.cfg
View file
File renamed without changes.
7 changes: 7 additions & 0 deletions ...ies/ansible/config/communication_over_http_in_defaults/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
[
{
"queryName": "Communication Over HTTP In Defaults",
"severity": "MEDIUM",
"line": 5
}
]
2 changes: 1 addition & 1 deletion ...g/logging_of_sensitive_data/metadata.json → ..._sensitive_data_in_defaults/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"id": "c6473dae-8477-4119-88b7-b909b435ce7b",
"queryName": "Logging of Sensitive Data",
"queryName": "Logging of Sensitive Data In Defaults",
"severity": "LOW",
"category": "Best Practices",
"descriptionText": "To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True",
Expand Down
0 ...nfig/logging_of_sensitive_data/query.rego → ..._of_sensitive_data_in_defaults/query.rego
View file
File renamed without changes.
0 ...ging_of_sensitive_data/test/negative1.cfg → ...itive_data_in_defaults/test/negative1.cfg
View file
File renamed without changes.
0 ...ging_of_sensitive_data/test/positive1.cfg → ...itive_data_in_defaults/test/positive1.cfg
View file
File renamed without changes.
0 ...ging_of_sensitive_data/test/positive2.cfg → ...itive_data_in_defaults/test/positive2.cfg
View file
File renamed without changes.
4 changes: 2 additions & 2 deletions ...e_data/test/positive_expected_result.json → ...faults/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
[
{
"queryName": "Logging of Sensitive Data",
"queryName": "Logging of Sensitive Data In Defaults",
"severity": "LOW",
"filename": "positive1.cfg",
"line": 1
},
{
"queryName": "Logging of Sensitive Data",
"queryName": "Logging of Sensitive Data In Defaults",
"severity": "LOW",
"filename": "positive2.cfg",
"line": 39
Expand Down
2 changes: 1 addition & 1 deletion ...alation_using_become_plugin/metadata.json → ...g_become_plugin_in_defaults/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"id": "404908b6-4954-4611-98f0-e8ceacdabcb1",
"queryName": "Privilege Escalation Using Become Plugin",
"queryName": "Privilege Escalation Using Become Plugin In Defaults",
"severity": "MEDIUM",
"category": "Access Control",
"descriptionText": "In order to perform an action as a different user with the become_user, 'become' must be defined and set to 'true'",
Expand Down
0 ...escalation_using_become_plugin/query.rego → ...sing_become_plugin_in_defaults/query.rego
View file
File renamed without changes.
0 ...on_using_become_plugin/test/negative1.cfg → ...ome_plugin_in_defaults/test/negative1.cfg
View file
File renamed without changes.
0 ...on_using_become_plugin/test/negative2.cfg → ...ome_plugin_in_defaults/test/negative2.cfg
View file
File renamed without changes.
0 ...on_using_become_plugin/test/positive1.cfg → ...ome_plugin_in_defaults/test/positive1.cfg
View file
File renamed without changes.
0 ...on_using_become_plugin/test/positive2.cfg → ...ome_plugin_in_defaults/test/positive2.cfg
View file
File renamed without changes.
4 changes: 2 additions & 2 deletions ...plugin/test/positive_expected_result.json → ...faults/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
[
{
"queryName": "Privilege Escalation Using Become Plugin",
"queryName": "Privilege Escalation Using Become Plugin In Defaults",
"severity": "MEDIUM",
"filename": "positive1.cfg",
"line": 10
},
{
"queryName": "Privilege Escalation Using Become Plugin",
"queryName": "Privilege Escalation Using Become Plugin In Defaults",
"severity": "MEDIUM",
"filename": "positive2.cfg",
"line": 12
Expand Down

0 comments on commit b7ff43f

Please sign in to comment.