Releases: tenable/terrascan
v1.3.0
Changelog
2b8e2cd #394: recognize that empty values for username and password in master_auth block will disable basic auth
c33ebed -support color for default output -change color for 'file'
9d40d8e 1. added setup func to download policies 2. fix code smells
4fbe4ac 1. fix debug messages 2. fix typos in test name
3fd3d95 1. fix debug messages 2. fix typos in test name
c36691f 1. fix panic for list variables 2. test for list variables
33cd0e7 1. fix summary order 2. fix colored writer test
bf202e0 1. format summary 2. print empty quotes when resource name is absent
10ee6d5 1. modify existing tests of Run 2. add new tests for Run
e0c2e07 1. remove _ from test func 2. define variable for error string in test func
63d9867 1. support of rule skip comment for tf 2. human readable output modifications
0212180 1. support skip and scan rules in the server mode 2. refactor the existing config reader code 3. update unit tests 4. incorporate PR review comments
f0cbb79 1. support skip resource with comment. 2. skipped resource violations in output.
2ca27b9 1. toml config file based rule skipping 2. tests around rule scanning and skipping
c4b9aa7 1. update fix for exit code 2. remove default command code
6603436 APE-1319: Revamped Getting Started Section
a086a65 Add Docker image release tagging on release
6d79769 Add new policy for checking insecure_ssl on github_repository_webhook
185f8c6 Add policy AC-K8-NS-SE-M-0188 for CVE-2020-8554
3f759b9 Add v13 flag option for terraform iac
6da5e88 Add v13 flag option for terraform iac
1f296e6 Added Unit test coverage for Kustomize V3 Iac-provider
b1c5360 Added terraform v14 support
d356d5c Apply fix for self referential variables to non-parent modules
87cf969 Bump github.com/gorilla/mux from 1.7.4 to 1.8.0
4d74093 Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
eb7e1dc Bump github.com/hashicorp/go-version from 1.2.0 to 1.2.1
03ea645 Bump github.com/iancoleman/strcase from 0.1.1 to 0.1.3
2330164 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
a264778 Bump github.com/mattn/go-isatty from 0.0.8 to 0.0.12
9664dcc Bump github.com/pelletier/go-toml from 1.8.0 to 1.8.1
7d0e3a0 Bump github.com/spf13/afero from 1.3.4 to 1.5.1
feb1a9e Bump github.com/zclconf/go-cty from 1.2.1 to 1.7.1
7a14d2d Bump go.uber.org/zap from 1.13.0 to 1.16.0
07092e5 Bump sigs.k8s.io/kustomize/api from 0.6.5 to 0.7.1
1801ce9 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
385da16 Bump sigs.k8s.io/kustomize/api from 0.7.1 to 0.7.2
a4dc4ef Fire clientCertificateEnabled rule when client certificate is enabled
8a70f9e Fix infinite loop on variable resolution
21d311b Fix link to rego playground in policies documentation
7e1a1bb Fix typo in architecture documentation
2986401 Fix: potential bug added in PR #470
2536a09 Fix: potential bug added in PR #470
66c14cd Fixing policy description
12ce5c6 For human readable output display json output when '--config-only' is used
433415c IMDSv1 check policy
d6872fa IMDSv1 policy: update category, description
df73bc4 IMDSv1 policy: update category, description
5fc9818 Merge branch 'imdsv1-fix' of github.com:accurics/terrascan into imdsv1-fix
283d7d9 Merge branch 'master' into dependabot/go_modules/go.uber.org/zap-1.16.0
2df50b4 Merge branch 'master' into issue-422
23fe143 Merge branch 'master' of github.com:accurics/terrascan into argo-cd-hook
9058454 Merge pull request #386 from HorizonNet/issue-355
4d42c95 Merge pull request #387 from accurics/pyup-update-mkdocs-material-6.1.4-to-6.1.5
dbd5237 Merge pull request #393 from dinedal/fix_infinite_loop_on_variable_resolution
6a24967 Merge pull request #396 from acc-jon/issue394
d37fb58 Merge pull request #397 from therasec/bugfix/gcpcosimage
ab97a48 Merge pull request #399 from dev-gaur/issue_379
55a6c2c Merge pull request #401 from accurics/pyup-update-mkdocs-material-6.1.5-to-6.1.6
9b32df3 Merge pull request #402 from lucas-giaco/master
a463ede Merge pull request #409 from HorizonNet/issue-403
4614d5d Merge pull request #410 from HorizonNet/issue-398
8d6e722 Merge pull request #417 from harkirat22/master
929e377 Merge pull request #419 from accurics/imdsv1-fix
559c45d Merge pull request #420 from accurics/fix-jon-testorder
51d6b44 Merge pull request #423 from HorizonNet/issue-421
f96af13 Merge pull request #424 from HorizonNet/issue-422
2498741 Merge pull request #425 from accurics/pyup-update-mkdocs-material-6.1.6-to-6.1.7
9c5476c Merge pull request #427 from acc-jon/windows-colors
90e4ea7 Merge pull request #428 from gauravgogia-accurics/master
287b370 Merge pull request #430 from accurics/ape-1319
7cc4f16 Merge pull request #431 from patilpankaj212/human_readable_output
32ff137 Merge pull request #434 from kanchwala-yusuf/feature/skip-rules
ce61b02 Merge pull request #435 from accurics/docs/fix-link
c57bb06 Merge pull request #436 from patilpankaj212/scan-refactor
b8a6849 Merge pull request #441 from patilpankaj212/scan-and-skip-rules
960c77b Merge pull request #443 from chenrui333/go-1.15
02e77b8 Merge pull request #444 from chenrui333/add-dependabot-support
432ec9f Merge pull request #445 from accurics/pyup-update-mkdocs-material-6.1.7-to-6.2.3
4557d22 Merge pull request #447 from accurics/dependabot/go_modules/github.com/gorilla/mux-1.8.0
9ac1b32 Merge pull request #448 from accurics/dependabot/go_modules/sigs.k8s.io/kustomize/api-0.7.1
6fab349 Merge pull request #449 from accurics/dependabot/go_modules/github.com/zclconf/go-cty-1.7.1
0f79088 Merge pull request #452 from accurics/docs/pipeline
5a19951 Merge pull request #454 from accurics/argo-cd-hook
20a4bdb Merge pull request #455 from patilpankaj212/annotations-based-skipping
45a7885 Merge pull request #456 from accurics/amirbenv-patch-1
5385258 Merge pull request #457 from harkirat22/master
c39a76d Merge pull request #458 from patilpankaj212/fix-exit-code-on-error
76bf739 Merge pull request #460 from harkirat22/master
f9b176c Merge pull request #462 from ScaleSec/deprecated_gcs_bucket
3368850 Merge pull request #463 from accurics/amirbenv-patch-1
5c565e6 Merge pull request #464 from accurics/pyup-update-mkdocs-material-6.2.3-to-6.2.4
2272168 Merge pull request #465 from accurics/k8s-generateName
e5f74e4 Merge pull request #466 from patilpankaj212/skip-comment-and-scan-summary-additions
49bf32d Merge pull request #470 from dev-gaur/tf14besides12
792166e Merge pull request #473 from harkirat22/harkirat22/362
7c974f6 Merge pull request #474 from harkirat22/harkirat22/359
12f226a Merge pull request #475 from harkirat22/harkirat22/352
c313c32 Merge pull request #476 from harkirat22/harkirat22/432
12b58f2 Merge pull request #479 from patilpankaj212/bugFix
29bbd42 Merge pull request #480 from williepaul/policy-update-2021-01-14
9b65423 Merge pull request #481 from accurics/dependabot/go_modules/github.com/pelletier/go-toml-1.8.1
0cbd6d0 Merge pull request #482 from accurics/dependabot/go_modules/github.com/hashicorp/go-version-1.2.1
9002ce6 Merge pull request #484 from accurics/dependabot/go_modules/github.com/iancoleman/strcase-0.1.3
c713b5c Merge pull request #485 from accurics/dependabot/go_modules/github.com/spf13/afero-1.5.1
5b63ac8 Merge pull request #486 from accurics/dependabot/go_modules/go.uber.org/zap-1.16.0
ddb6f64 Merge pull request #487 from accurics/v1.3-docs
4ef6ce1 Merge pull request #488 from accurics/pyup-update-mkdocs-material-6.2.4-to-6.2.5
a3cee2d Merge pull request #489 from harkirat22/harkirat22/331
4a05a56 Merge pull request #490 from harkirat22/harkirat22/382
643a76a Merge pull request #492 from accurics/dependabot/go_modules/github.com/mattn/go-isatty-0.0.12
b445fd0 Merge pull request #494 from accurics/dependabot/go_modules/sigs.k8s.io/kustomize/api-0.7.2
6251a4a Merge pull request #497 from dev-gaur/fix_potential_bug_470
d301c3a Merge pull request #499 from dev-gaur/tf_v13_flag
f75dd1a Merge pull request #502 from kanchwala-yusuf/release-1.3.0
f4c70ae Merge remote-tracking branch 'origin/master' into lucas-giaco/master
8b644b5 Return varRef instead of val
e336ad6 Update CHANGELOG.md
01e26c4 Update CHANGELOG.md
34979da Update CHANGELOG.md
9ae9128 Update README.md
bad6027 Update README.md
5f48ba9 Update README.md
bcb5790 Update README.md
bc4a4f3 Update README.md
ae1763f Update README.md
916ecf8 Update go.mod
f506ca4 Update go.sum
7bf5afa Update mkdocs-material from 6.1.4 to 6.1.5
766bae8 Update mkdocs-material from 6.1.5 to 6.1.6
8d82c92 Update mkdocs-material from 6.1.5 to 6.1.6
dd2d7fd Update mkdocs-material from 6.1.6 to 6.1.7
b6ce97a Update mkdocs-material from 6.1.7 to 6.2.3
9c71078 Update mkdocs-material from 6.2.3 to 6.2.4
cea7d75 Update mkdocs-material from 6.2.4 to 6.2.5
1fd99c3 Update mkdocs-material from 6.2.4 to 6.2.5
9ff312a Update policy example in the documentation
be9c502 Using constants
bae80a8 Using constants
cecc7bf add ScanSummary to ViolationStore
ff73e3a add annotations in test file
60ce034 add annotations in test file
62236df add cases for human readable
fe0c724 add check for privileged containers (rule 106)
3bafe49 add comment for SkipRules in ResourceConfig struct
df42ce9 add link to CLI options
31ee512 add support for extracting rules to skip from terraform resource config comments
b6db0ae add test in run_test for scan and skip rules using config file
c727767 add warning message for terraform v12 users
a359304 added unit tests for breaking changes case
a05d83d adding an else condition to relate management lock with resource group
39067c7 adding an else condition to relate the flow log with vpc
ab0ebc6 adding rule to check if waf is enabled at cloud front distribution
e0e6bd7 adding specific steps to argocd integration
51888c4 adding unit tests for extracting rule ids to skip from terraform resource config comments
380e60a adding unit tests for testing no rule ids present
a194b49 adds gitlab and github ci integration docs
a1e3947 adds link to k8s policy docs
12f6439 adds logo
4bd932b annotations based skipping
919aece annotations based skipping
443129b bump go to 1.15
6e7b687 changed the description to ...
v1.2.0
Changelog
a56270e Add check for visibility for github_repository
53657d0 Add instructions for booting terrascan demo
85a0666 Add line about kubernetes YAML/JSON support
c228665 Add new policy for checking insecure_ssl on github_organization_webhook
780408e Add policy set for GitHub provider
8b5f811 Add step-by-step instructions for interacting with the demo env
5b612ed Bring Go to 1.15 in Github Actions
414035d Bring Go to 1.15 in Github Actions
d6eb16e Fix typo
9792a28 Fixed messed up merge
cd2c0c5 Fixes header
e783b6b Fixes typo
35c1c54 Merge branch 'colorize' of github.com:acc-jon/terrascan into colorize
f799685 Merge branch 'master' into issue-325
2fe16cc Merge branch 'master' into issue-325
e1df4c1 Merge branch 'master' of https://github.com/accurics/terrascan
1f89abd Merge pull request #1 from accurics/master
afc78b5 Merge pull request #319 from kklin/demo-badge
570cc9b Merge pull request #333 from HorizonNet/issue-326
424c823 Merge pull request #334 from HorizonNet/issue-325
c061f02 Merge pull request #335 from accurics/readme-update-k8s
0b22a65 Merge pull request #336 from accurics/auto-pickup-supportedtypes
f380b89 Merge pull request #337 from accurics/docs/github-policies
dcd76dd Merge pull request #340 from accurics/pyup-update-mkdocs-material-5.5.12-to-5.5.14
9aad2cf Merge pull request #343 from kmonticolo/fix_typo
25a7c45 Merge pull request #344 from accurics/bugfix/fix-providers-unit-test
f1c80fe Merge pull request #345 from accurics/feature/downloader-support
45a6ee9 Merge pull request #346 from accurics/pyup-update-mkdocs-material-5.5.14-to-6.0.1
556d333 Merge pull request #347 from acc-jon/colorize
49f66ed Merge pull request #348 from accurics/pyup-update-mkdocs-material-6.0.1-to-6.0.2
347bee3 Merge pull request #350 from HorizonNet/issue-339
2c964d5 Merge pull request #351 from accurics/feature/support-resolve-variable-references
a8084f6 Merge pull request #354 from acc-jon/master
4a5d34d Merge pull request #356 from accurics/pyup-update-mkdocs-material-6.0.2-to-6.1.0
222bd31 Merge pull request #357 from accurics/feature/aws-serverless-regos
fd2bf7c Merge pull request #360 from accurics/bugfix/add-git-binary
935e3b0 Merge pull request #361 from accurics/bugfix/fix-http-request
d7bc4aa Merge pull request #366 from accurics/bugfix/large-file
7a8e07f Merge pull request #368 from acc-jon/master
fb7b01c Merge pull request #370 from accurics/pyup-update-mkdocs-material-6.1.0-to-6.1.2
411a4aa Merge pull request #371 from accurics/pyup-update-mkdocs-material-6.1.2-to-6.1.3
e3bb0bd Merge pull request #372 from acc-jon/master
d375f0e Merge pull request #373 from acc-jon/issue365
ba331e0 Merge pull request #374 from accurics/pyup-update-mkdocs-material-6.1.3-to-6.1.4
73d29aa Merge pull request #377 from williepaul/add-helm-support
5c96b2f Merge pull request #378 from dev-gaur/add_kustomize_support
19f5527 Merge pull request #381 from williepaul/fix-helm-subchart-rendering
6512163 Merge pull request #383 from gliptak/patch-1
6b484b1 Merge pull request #384 from gliptak/patch-2
62a3549 Merge pull request #385 from williepaul/disable-cgo-in-dockerfile
ee0bd01 Merge pull request #388 from therasec/docs/1.2.0
25d5b56 Merge pull request #389 from kklin/rm-demo
2d1374b Merge pull request #390 from kanchwala-yusuf/update-version/1.2.0
64a974a Remove demo badge
f536982 Remove demo badge
f4d9bd5 Renamed GitHub repository policy ID
51c3eb8 Update demo docs to use new Blimp demo version
84bb503 Update mkdocs-material from 5.5.12 to 5.5.14
e3f1b02 Update mkdocs-material from 5.5.14 to 6.0.1
0c7aa1e Update mkdocs-material from 6.0.1 to 6.0.2
2e6f213 Update mkdocs-material from 6.0.2 to 6.1.0
700b668 Update mkdocs-material from 6.1.0 to 6.1.2
ad98ac2 Update mkdocs-material from 6.1.2 to 6.1.3
164964a Update mkdocs-material from 6.1.3 to 6.1.4
c2a3b43 add JSON termcolor tests
bf715f3 add JSON termcolor tests
0481625 add ability to download remote repository in CLI
fc46888 add comments, debug log messages and code clean up
c4457da add config only option to remote repo scanning API in http server
11be46b add cty map to golang map converter
c3c2fc6 add downloader support
c57aa66 add function to return list of supported Iac Types
a15af41 add function to return list of supported policy types
fe1044b add git binary to terrascan docker image, required by downloader
637d286 add method to clean up cached/installed repositories
d834e2e add method to download remote repo with type specified
d88a767 add method to generate random string
8492103 add policy path for tests
d8b9d7c add remote scanning support in http server
8b274be add support for colored output
24272d0 add support for colored output
5fd0685 add support for downloading remote modules in terraform v12 Iac scanning
c79f2a8 add support for resolving variable references for file scan
659e15b add support for resolving variable references in a module
538704c add support for resolving variables initialized/overriden in module calls
160743f add support to download remote repo in CLI
392c486 add support to get list of iac types with default versions
10bd8c9 add support to resolve cross module references
1bfce05 add support to resolve lookup references
0b0103e add support to resolve references in a slice
3d19a3f add supported to resolve multiple references in the same expression
e057bfe add unit test for GenRandomString() method
e72bf36 add unit test for downloader methods
530d679 add unit test for remote module installer clean up
58d4745 add unit tests for GetURLSubDir
25d8b94 add unit tests for module-download file
7c9fa06 add unit tests for policy package
ece2ab1 added kustomize support
442e39a added vendor/ in .gitignore
b92d331 address #365 by properly handling submodule path
6d5d3be adds analytics
bde73b6 adds clarification on default behavior
c0b5705 adds documentation for '-t all' flag
b2ea41d adds helm docs
e1a0422 adds initial helm support - supports loading of helm v3 charts via the iac dir command (iac file is invalid) - adds default iac versions for all iac types - adds unit tests - adds ability to properly specify default iac version for a given iac type
57ac4a2 adds kustomize to docs
733831c adds new policies
e910754 adds policy docs
7ed87c5 adds policy to check kms on lambdas
e07d60d adds rego checking lambda is config to launch on a vpc
5530d27 adds rego for insecure cors config
14fb90e adds rule for cloudwatch logs encryption
8dc98c2 adds section for github policies
ae5d650 allow config file for global policy config
82ea9ac allow multiple cloud types, default to all
4b8d917 automatically pick supported Iac versions for help display
1a2f072 change file name
7e73f26 changes
34870a6 changing repo for testing
a332115 changing repo url from ssh to http
1a35277 clean up flag handling
2a0e3ac clean up flag handling
250d464 commenting a log message for now
220795f fix a bug when rendering subcharts - in some cases, subcharts could not be rendered properly - change how we render values such that default capabilities are set, preventing rendering errors - set lintmode to true to allow ignoring of certain rendering errors from within the rendering engine - add resource count checking to load-dir unit tests - update error messages to make sure we are including the error data
d5bde39 fix gofmt errors
eb26ba5 fix imports
ec68170 fix indentation
9c460f4 fix indentation
f1f5231 fix lint, style issues
24c4948 fix logging init. clean up tests. use globlal toml config file for policy config
8d4bad1 fix send request method, previously hardcoded
772901b fix sonarcloud issues - avoids some repeated strings by using logger.With() - move rendering code into a separate function - remove a duplicate test - add more comments
83473ea fix sonarcloud issues - try #2 with cognitive complexity by moving for loop outside of the render func - update error level of some log messages
577d5ca fix style
bbc2f90 fix style issue
94cd15a fix style, tests for policy type "all"
695801c fix supported providers unit test, sort the wanted result
b038fab fix test args
43c4970 fix typo
6889c14 fix typo
613d2e5 fix unit tests
daecab4 fix unit tests - make sure empty directories are created by adding a placeholder file
545692f fixes dockerfile build issues - disables CGO to prevent any dependencies from failing the build - the GOARCH variable was named incorrectly and not being picked up during the docker build - locked both the alpine and golang versions for the docker build
ed26230 fixes policy name
48b6ea8 fixes review comments - adds .yml to the valid list of chart yamls - default to 1 instead of 0 for source line in the helm_chart resource - TODO: add values.yml support for rancher
a8fce5a fixes severity
95401c4 fixes severity
d23b460 fixes typo
b0f28f1 fixes typo and removes severity from reference id
62ce1c1 fixing error messages for unit tests
fdc888a fixing exisiting unit tests
368fd23 fixing unit tests
dcd6cb7 import 'sort' package
f5fed60 improve isRef method, reorder switch cases for str ref resolution
b5778ea improve regex pattern, getLocalName method and string replace method for local references
308c69b improve regex pattern, getLocalName method and string replace method for lookup references
d27c892 improve regex pattern, getLocalName method and string replace method for module references
876587a improve regex pattern, getLocalName method and string replace method for variable references
4bf99eb improve variable regex pattern, improve gwtVarName method
25f258c last minute fixes
5960227 load global config from toml config file
5789f8f making staticcheck happy
8ac4d82 missing access logs
09d81f8 optimized yaml utility function
0e3d31a organizing reference resolution into multiple files
4f99d24 pick automatically pick up list of supported types in cli help
557294c properly handle nested submodules (#365)
765a2ef refactor and add unit test for remote scan repo API handler
794df55 refactor downloader package, add downloader interface
d1806c3 refactor module download
5183da8 refactor styli...
v1.1.0
Changelog
e498942 Adds exit code when issues are found
c7b4797 Fix headers
0a73752 Manage relative module path
5a30d06 Merge branch 'master' into kubernetes-support
4f0bd92 Merge branch 'master' into kubernetes-support
c44a663 Merge pull request #291 from accurics/bugfix/xml-output
b4caa81 Merge pull request #292 from accurics/pyup-update-mkdocs-material-5.5.6-to-5.5.7
1ae533b Merge pull request #295 from erichs/doc-fixes - Fixes typos in documentation
3f21021 Merge pull request #296 from accurics/bugfix/docker
37760a9 Merge pull request #297 from accurics/update-policies-082020
ca75f86 Merge pull request #298 from accurics/Upa-acc-patch-1
d170c17 Merge pull request #299 from accurics/feature/exitstatus
053660a Merge pull request #300 from accurics/pyup-update-mkdocs-material-5.5.7-to-5.5.8
17ffd93 Merge pull request #301 from accurics/bugfix/capitalization
118129a Merge pull request #306 from zmarouf/patch-1
b698de5 Merge pull request #307 from accurics/pyup-update-mkdocs-material-5.5.8-to-5.5.12
f98373b Merge pull request #308 from guilhem/relative_module
618475a Merge pull request #309 from accurics/add-config-only-output
d182f1c Merge pull request #313 from accurics/kubernetes-support
97b7612 Merge pull request #314 from accurics/jon-badges
2953c19 Merge pull request #315 from chenrui333/add-homebrew-installation
6eb0a6b Merge pull request #316 from accurics/bugfix/template-rendering-issue
f6c1acb Merge pull request #317 from accurics/bugfix/output-logs-to-stderr
3402ba9 Merge pull request #318 from accurics/change-docker-default
67e42be Merge pull request #321 from accurics/bugfix/fix-checkIpForward-rule
cbe6c35 Merge pull request #322 from accurics/revert-321-bugfix/fix-checkIpForward-rule
1a90445 Merge pull request #323 from accurics/fix-check-ip-forward
4c30787 Merge pull request #327 from accurics/docs/k8s
ab92377 Merge pull request #328 from accurics/update-k8s-initial-policies
63b757e Rename KubeDashboardDisabled.rego to kubeDashboardDisabled.rego
f107f76 Revert "fixed a bug in checkIpForward"
7d1f18a Typo fixes
434dba7 Typo fixes
246797c Update README.md
6beb097 Update about.md
298b6e6 Update about.md
eb9cc0c Update mkdocs-diagrams from 0.0.2 to 1.0.0
b11d8ae Update mkdocs-diagrams to 1.0.0
c1a13ea Update mkdocs-material from 5.5.6 to 5.5.7
04fe83b Update mkdocs-material from 5.5.7 to 5.5.8
63727a1 Update mkdocs-material from 5.5.7 to 5.5.8
602a557 Update mkdocs-material from 5.5.8 to 5.5.12
ffe2a49 Update readme
605edca Updating changelog with v1.1.0 enhancements and bugfixes
65636ce Updating changelog with v1.1.0 enhancements and bugfixes
ae346e8 add changes missing from the last commit - error message updates - added config-only unit test - removed unnecessary checks in the api server
89ad5b1 add support to print resource config as an output
52babb8 adds docs for k8s policies
6ee0af2 adds exit code explanation to docs
9ccf599 adds go get instructions
791123d bumps version references to 1.1.0
1edf439 changing header name from CLI Output formats to CLI Output types
de8e375 chore(docs): add homebrew installation
9cb321b chore(docs): fix indent of tar extraction
d5418b5 clean up go.mod/go.sum
75253ce documents policy changes
5b3ae20 fix template rendering bug - templates were only being rendered once per file, rather than once per rule - thus, the first render for each file would win, and violations could trigger (or be missed) if using a shared template
f8267da fix typo
5b3a2b2 fix typo in readme, clean formatting
2719aac fix xml output
e573629 fixed a bug in checkIpForward "not api.config.can_ip_forward == true" should be "api.config.can_ip_forward == true" by default, can_ip_forward is false, so no need to check for existence of the key before checking if can_ip_forward is true
688b7d1 fixed checkIpForward rule (gcp)
ecd531b fixed location of the readOnlyRootFilesystem param
2372876 fixed merge issue - silenced a noisy log and downgraded the severity of another
a94f375 fixed review comments - error message updates - added config-only unit test - removed unnecessary checks in the api server - changed resource representation to match terraforms resource naming
3dcd3c7 fixes a core dump when template_args are not set in the rule
8bd290e fixes format errors on docs
85e88e4 fixes formatting error
7d8ad0a fixes github ref for pushing latest docker image
af127cb fixes github ref for pushing latest docker image
c468b39 fixes if statement
7742b15 fixes if statement
915ec5b fixes if statement
0ac6c04 fixes if statement
2fbe793 fixes issue template as we no longer use python
42853a7 initial kubernetes support (continued) - add Jon’s change for a relative directory resolve bug - go.mod tidy - don’t call os.exit() from run() when running unit tests - simplify k8s normalization—no manual json parsing - fix default AWS IaC type (was set to was instead of terraform) - fixed JSON loading bug - increased unit test coverage
04ceabe initial kubernetes support - adds support for kubernetes violation detection in yaml using repo - adds default iac versions/types per policy/cloud provider - policies and more unit tests to follow in the next checkin
3f3e7b5 initial policy set for k8s
e97fa89 move server command out of ENTRYPOINT and into CMD - sets the base command as default - per @acc-jon
142dccc removes dup comment
4198bdc send logs to stderr instead of stdout
f2a9f32 update documentation with description of different output formats supported in terrascan
44544f0 update readme
ee580c0 updated download instructions post install
b4565c9 updated k8s policy set and documentation
9ff59b2 updated policies to the latest set
d978c3a updates with new help output which includes k8s relates instructions
v1.0.0
Changelog
6e25de8 Add separate violation/results and reporter objects
1516139 Add separate violation/results and reporter objects
45c7fcc Add the gcp provider support into terrascan
cd8d2ec Change OPA engine filename
45a7119 Change OPA engine filename
cdbd444 Changes: - Add zap logger support - Logging changes in all files - Create normalized json in iac-provider
72c09c4 First commit to rewrite terrascan in go language
3aa34fa First cut of the policy engine - OPA can evaluate and read rego files in a given directory - Template regos are supported - Still some bugs to fix around mapping
8fd495d First cut of the policy engine - OPA can evaluate and read rego files in a given directory - Template regos are supported - Still some bugs to fix around mapping
c6a5674 Fix FileInfo-related linter errors
38590bc Fix FileInfo-related linter errors
647282d Fix misc linter errors
f030748 Fix misc linter errors
ed55d99 Fixed static checker issues
9386cf1 Fixed static checker issues
5896ffc Merge branch 'master' into terrascan-v1.0
98d2a60 Merge pull request #258 from accurics/terrascan-v1.0-test-codecov-pr-comments
4722179 Merge pull request #259 from accurics/pyup-update-pytest-5.4.3-to-6.0.0
779b9ad Merge pull request #260 from accurics/pyup-update-pytest-6.0.0-to-6.0.1
a4476b1 Merge pull request #261 from accurics/terrascan-v1.0-http-unit-tests
e8a70f6 Merge pull request #262 from accurics/terrascan-v1.0-add-webhook-notifications
7f3cdb8 Merge pull request #263 from accurics/terrascan-v1.0-docs
fd4ca9d Merge pull request #264 from accurics/pyup-update-sphinx-3.1.2-to-3.2.0
7b940a9 Merge pull request #265 from accurics/terrascan-v1.0-docs
624c5b5 Merge pull request #266 from accurics/terrascan-v1.0-goreleaser
9331bf2 Merge pull request #267 from accurics/terrascan-v1.0-policy-support
ced7f79 Merge pull request #268 from accurics/terrascan-v1.0-policy-support-refactor
dda4687 Merge pull request #270 from accurics/bugfix/policy-exporter-update-rule-json
6df3b8a Merge pull request #271 from accurics/terrascan-v1.0-policy-support-fixes
b6496eb Merge pull request #272 from accurics/terrascan-v1.0-policy-support
7b214c1 Merge pull request #273 from accurics/terrascan-v1.0-docs
77cb40b Merge pull request #274 from accurics/terrascan-v1.0-update-azure-policies
b6b7eb2 Merge pull request #275 from accurics/terrascan-v1.0-init-support
9e1eb31 Merge pull request #276 from accurics/pyup-update-sphinx-3.2.0-to-3.2.1
0eaa228 Merge pull request #277 from accurics/terrascan-v1.0-usage-fixes
f1b3608 Merge pull request #278 from accurics/terrascan-v1.0-update-policies
165d1cb Merge pull request #279 from accurics/terrascan-v1.0
592a7ca Merge pull request #280 from accurics/pyup-update-mkdocs-material-5.5.3-to-5.5.6
27d2ff8 Merge pull request #281 from accurics/bugfix/docker-tag-latest
3d49d6c Merge pull request #282 from accurics/bugfix/docker-tag-latest
5e4b57b Merge pull request #283 from accurics/bugfix/terrascan-init-branch
747b35f Merge pull request #284 from accurics/terrascan-v1.0-cobra
c630fad Merge pull request #285 from accurics/terrascan-v1.0-param-update
64c03e9 Merge pull request #287 from accurics/bugix/fix-version
4a318e3 Merge pull request #288 from accurics/terrascan-v1.0-docs
aa98f2e Merged in latest changes
f06638f Rename OPA engine #2
6bb3463 Rename OPA engine #2
79cb369 Update Terrascan to use the latest policy format - Adds initial AWS and Azure policy set - Adds command line switch for policy path
ad25711 Update Terrascan to use the latest policy format - Adds initial AWS and Azure policy set - Adds command line switch for policy path
f2fc35d Update log message to indicate path of the built terrascan binary
bf244fb Update mkdocs-material from 5.5.3 to 5.5.6
10f1d16 Update pytest from 5.4.3 to 6.0.0
6222f4b Update pytest from 6.0.0 to 6.0.1
6a501c2 Update sphinx from 3.1.2 to 3.2.0
1b466c3 Update sphinx from 3.2.0 to 3.2.1
aab1a20 Updates with 0.2.3 info
7992292 accepting log-type for server mode as well
af49fe7 add Github actions badge for CI passing
b00157b add Makefile
b757c71 add cobra command support
2d59f2c add codecov integration to generate code coverage reports
efaf11b add codecov yaml
8a2e136 add command registration for future commands update long command descriptions split command-specific code out of the root command
2600219 add debug logs to terrascan init code path
96cb4de add docker build and push to github actions
02c0ef0 add docker-compose file for terrascan
36742e5 add first drop of gcp policies
9fbd957 add fixes to normalized json format
9704e2f add go build pipeline and remove python piplines
6fa60dd add go mod verification to Makefile
61c3224 add gofmt, govet and golint validation scripts
3765fea add goreleaser support
ad2e4c1 add help, staticcheck and test commands to Makefile
d4a96c9 add iac-providers with interfaces
3faeda9 add missed store.go file
887911b add more unit test for terraform v12 package
1fac82b add more unit tests for pkg/utils package
ae98831 add more unit tests for scan file
c068097 add notifier unit tests to runtime package
201648c add output format option to cli args
c5ecf5b add output format option to cli args
cadae23 add scan file endpoint to the API server
e7730ba add script for running static code analysis
b724edc add script to build docker image, update Makefile to build docker image
4d2f837 add script to push docker image, update Makefile to push docker image
930ac6d add script to run unit tests and generate code coverage report
759bf66 add source line info to normalized resource config
1df64e4 add source line info to normalized resource config
b2a8a46 add staticcheck to build pipeline
0ddf0a0 add support for sending webhook notifications
3f64c3f add support for terrascan server mode
96480b8 add support for webhook notifier
4f0fb96 add support for writer
c901135 add support for writer
1851c58 add support parsing terraform config files from a module based directory structure
0638d9c add terraform init support
599a9aa add terrascan Dockerfile
5678b32 add terrascan cli support
df9e63f add terrascan runtime package
95201e4 add testdir to testdata in runtime package
41e04cf add unit test execution step in build pipeline
de76066 add unit test for logger package
9007143 add unit test for notifications package
93018e3 add unit tests for FindAllDirectories func
0c3d58f add unit tests for FindAllDirectories func
a705368 add unit tests for cloud-provider package
b71f018 add unit tests for iac-provider package
730ec19 add unit tests for iac-provider package
3500161 add unit tests for pkg/utils package and refactor accordingly
fb4e51a add unit tests for runtime package and refactor accordingly
ee73d71 add unit tests for utils.WrapError func
92e5cd2 add version information
1ff02e8 add xml writer support
62d625b add xml writer support
23f4bfe added line number and file name output support policy changes—removed policies with errors (will need to fix). these errors include things like missing reference IDs and invalid severity strings record time duration of the scan fixed Engine.GetResults and updated the interface reduced the scope of the members of the Engine type misc code cleanup
3133289 added line number and file name output support policy changes—removed policies with errors (will need to fix). these errors include things like missing reference IDs and invalid severity strings record time duration of the scan fixed Engine.GetResults and updated the interface reduced the scope of the members of the Engine type misc code cleanup
5009e22 adding .DS_Store files
60d243d adding more unit tests for terraform v12
1218201 adding stubs for the different sections
051fb7e adds ability to sort tables
290c451 adds about page contents
9fdf9c0 adds analytics
bbacbab adds arch description
1f7810b adds architecture high level description
4fa4d9e adds badges and help menu
853c037 adds changelog
3db6f53 adds cli client
fd59e45 adds consistency to changelog
4961867 adds contributing guide
57fe3bb adds contributing guide to nav
09d0f6d adds diagram
8d42259 adds docs badge
31d38ee adds docs for policies
ed73118 adds docs requirements
4d0942d adds explanation of docs sections
1c5bdc0 adds favicons
03004a7 adds footer
9814799 adds getting started guide
a3c8304 adds license
2c80eda adds markdown include
acc72ca adds missing descriptions
c6d158e adds nav
8563d3a adds new favicon
ee42410 adds new usage info
7001128 adds objects
9d355ac adds permalink setting
bbbf2a5 adds policy rule description
9950bcd adds policy rule file description
370b4e1 adds pre-commit info
6c750ab adds title
34fa426 change json, yaml tags from camel case to underscore notation
52bfc38 change json, yaml tags from camel case to underscore notation
c81629d changes to github action, make file and scripts to push docker image with latest tag
0e81499 changing input/ouput type from interface{} to data specific types
483920a changing input/ouput type from interface{} to data specific types
3d8571f changing shell in validation scripts
ac8b93b changing workflow name to 'build'
13e79e6 create cloud-providers layout with interfaces
600a6e6 disable codecov commit status
b50538a fix TestFindAllDirectories unit tests
ab2f8d7 fix TestFindAllDirectories unit tests
ef820ea fix file name not showing in output also adds resource data in the violation
0ecec77 fix file name not showing in output also adds resource data in the violation
cb7c3ee fix file paths for terraform config dir
59203de fix file paths for terraform config dir
38cdd40 fix http-server unit tests
d776638 fix http-server unit tests
9cef225 fix iac file path
5ed6e69 fix iac file path
91ce740 fix remove unnecessary data from output
066e21c fix remove unnecessary data from output
71e2854 fix runtime unit tests
24ecda8 fix runtime unit tests
c33b805 fix static check errors
e822fad fix static check errors
dc15081 fix terraform v12 unit tests
c6bf4ce fix terraform v12 unit tests
07e5292 fix typo
c66dbef fix unit tests for runtime package
b98401e fix unit tests for runtime package
fe...
v0.2.3
Introduces the '-f' flag for passing a list of ".tf" files for linting and the '--version' flag.
v0.2.2
Adds Docker image and pipeline to push to DockerHub
v0.2.1
This release includes a fixes a bug where the pyhcl hard dependency in the requirements.txt file caused issues if a higher version was installed. This was fixed by using the ">=" operator.
v0.2.0
Adds support for terraform 0.12+
v0.1.2
Adds ability to setup terrascan as a pre-commit hook
v0.1.1
- Updates dependent packages to latest versions
- Migrates CI to GitHub Actions from travis