feat(misconf): Improve scan results messaging #6138

Closed
simar7 opened this issue Feb 14, 2024 · 5 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning

@simar7
Member

simar7 commented Feb 14, 2024

When reporting misconfiguration scanning results we can be more descriptive about how many "total" files were scanned and how many "misconfigured" files were found.

See context below for details:

Trivy successfully scans the ARM template. I think the message `Detected config files: 0` might be misleading.

@simar7 The issue is that the Azure state for the scan was empty and no checks were applied to it, so Trivy reported that 0 configs were detected.

Originally posted by @nikpivkin in #6123 (comment)

@simar7 simar7 added kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning labels Feb 14, 2024
@simar7 simar7 added this to the v0.51.0 milestone Mar 12, 2024
@simar7 simar7 assigned simar7 and unassigned nikpivkin Apr 4, 2024
@simar7 simar7 modified the milestones: v0.51.0, v0.52.0 Apr 28, 2024
@simar7 simar7 modified the milestones: v0.52.0, v0.53.0 May 28, 2024
@simar7 simar7 modified the milestones: v0.53.0, v0.54.0 Jun 26, 2024
@DmitriyLewen DmitriyLewen modified the milestones: v0.54.0, v0.55.0 Jul 29, 2024
@nikpivkin
Contributor

@simar7 Should we only change the wording of the `Detected config files: ...` message, or should we add some other messages? Does it make sense for users to report how many files have been checked?

@simar7
Member Author

simar7 commented Aug 14, 2024

@nikpivkin as you brought up here this result contains passed items as well. I looked into adding more logic to decouple that but didn't finish the implementation.

Ideally if we can show the user how many "relevant" files were scanned by the IaC scanner, it would be more relevant. In this case a "relevant" file would be the one that we've processed through the scanner. Currently we don't keep track of this AFAIK.

@knqyf263 knqyf263 modified the milestones: v0.55.0, v0.56.0 Sep 5, 2024
simar7 added a commit that referenced this issue Sep 10, 2024
Partially addresses: #6138
@simar7
Member Author

simar7 commented Sep 10, 2024

I've created #7473 as I think it is sufficient to show the count of files scanned and the count of "relevant" config files found that were scanned. Besides this, I'm not sure what more we can do in this case to improve it.

@nikpivkin
Contributor

@simar7 Is there a need to report how many total files were scanned? We can report the number of files with misconfigurations.

@simar7
Member Author

simar7 commented Sep 26, 2024

I think we're good for now.

@simar7 simar7 closed this as completed Sep 26, 2024