The program will throw an error when entity['rules'] is empty.

[Gingsguard]

Hi, I found a bug in the script. When analyzing the incoming JSON, entity['rules'] may be empty, which causes the program to crash and exit.
I found a solution to fix the issue. Please refer to the image below.

[cicode225]

Hello,
I encountered this issue.... How did you solve it ?

[ryankenney-dev]

My workaround...

Updated ExtensiveRoleCheck.py, adding a condition:

def _generate(self):
    for entity in self._json_file['items']:
        role_name = entity['metadata']['name']

        # Add check for empty rules
        if not entity['rules']:
            continue

        for rule in entity['rules']:
            if not rule.get('resources', None):
                continue
            self.get_read_secrets(rule, role_name)
            self.clusteradmin_role(rule, role_name)
            self.any_resources(rule, role_name)
            self.any_verb(rule, role_name)
            self.high_risk_roles(rule, role_name)
            self.role_and_roleBindings(rule, role_name)
            self.create_pods(rule, role_name)
            self.pods_exec(rule, role_name)
            self.pods_attach(rule, role_name)