diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1b66c794..02d17bb2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -30,8 +30,43 @@ jobs:
- name: Run tests
run: npm run test
+ - name: Git Version
+ id: versioning
+ uses: codacy/git-version@2.8.0
+ with:
+ release-branch: main
+ dev-branch: dev
+ log-paths: Kexa/
+ minor-identifier: 'feat:'
+ major-identifier: 'break:'
+
+ - name: Set up version in file
+ run: echo "${{ steps.versioning.outputs.version }}" > VERSION
+
- name: Run extract Addon
run: npm run update
+
+ - name: Get changed files
+ id: changed-files
+ uses: tj-actions/changed-files@v39
+
+ - name: List all changed files
+ run: |
+ echo "## ${{ steps.versioning.outputs.version }}" >> CHANGELOG.md
+ echo "" >> CHANGELOG.md
+ echo "### Files added: ${{steps.changed-files.outputs.added_files_count}}" >> CHANGELOG.md
+ echo "" >> CHANGELOG.md
+ for file in ${{ steps.changed-files.outputs.added_files }}; do
+ echo "$file was added" >> CHANGELOG.md
+ echo "" >> CHANGELOG.md
+ done
+ echo "### Files changed: ${{steps.changed-files.outputs.all_changed_and_modified_files_count}}" >> CHANGELOG.md
+ echo "" >> CHANGELOG.md
+ for file in ${{ steps.changed-files.outputs.all_changed_files }}; do
+ echo "$file was changed" >> CHANGELOG.md
+ echo "" >> CHANGELOG.md
+ done
+ echo "" >> CHANGELOG.md
- name: commit changes
uses: EndBug/add-and-commit@v4
@@ -44,16 +79,6 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
- - name: Git Version
- id: versionning
- uses: codacy/git-version@2.8.0
- with:
- release-branch: main
- dev-branch: dev
- log-paths: Kexa/
- minor-identifier: 'feat:'
- major-identifier: 'break:'
-
- name: Login to Docker Registry
uses: docker/login-action@v2
with:
@@ -67,10 +92,10 @@ jobs:
context: ./
push: true
tags: |
- ${{ secrets.DOCKER_REGISTRY_NAME}}/innovtech/kexa:${{ steps.versionning.outputs.version }}
+ ${{ secrets.DOCKER_REGISTRY_NAME}}/innovtech/kexa:${{ steps.versioning.outputs.version }}
${{ secrets.DOCKER_REGISTRY_NAME}}/innovtech/kexa:latest
- name: Release
uses: ncipollo/release-action@v1
with:
- tag: "${{ steps.versionning.outputs.version }}"
+ tag: "${{ steps.versioning.outputs.version }}"
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 00000000..eb84838e
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,59 @@
+# CHANGELOG
+
+## 1.8.0-SNAPSHOT.51.f9fa354
+
+### Files added: 2
+
+CHANGELOG.md was added
+
+VERSION was added
+
+### Files changed: 5
+
+CHANGELOG.md was changed
+
+VERSION was changed
+
+.github/workflows/ci.yml was changed
+
+Kexa/services/updateCapability.service.ts was changed
+
+package.json was changed
+
+
+## 1.8.0-SNAPSHOT.53.56373d8
+
+### Files added: 0
+
+### Files changed: 10
+
+Kexa/rules/Deployement.yaml was changed
+
+Kexa/rules/Economy.yaml was changed
+
+Kexa/rules/HTTPRules.yaml was changed
+
+Kexa/rules/OperationalExcellence.yaml was changed
+
+Kexa/rules/Performance.yaml was changed
+
+Kexa/rules/PostDeployement.yaml was changed
+
+Kexa/rules/PreDeployement.yaml was changed
+
+Kexa/rules/Security.yaml was changed
+
+Kexa/rules/driveRules.yaml was changed
+
+Kexa/rules/rules-testing.yaml was changed
+
+
+## 1.8.0-SNAPSHOT.55.c3f6d1b
+
+### Files added: 0
+
+### Files changed: 1
+
+README.md was changed
+
+
diff --git a/Kexa/rules/Deployement.yaml b/Kexa/rules/Deployement.yaml
index 4072a6dd..4a09fd26 100644
--- a/Kexa/rules/Deployement.yaml
+++ b/Kexa/rules/Deployement.yaml
@@ -46,7 +46,7 @@
- level: 3
min: 1
rules:
- - name: "Git repo check"
+ - name: "git-is-repository-private"
description: "this rules is to check if git repo is private"
applied: true
level: 0
@@ -56,7 +56,7 @@
- property: private
condition: EQUAL
value: true
- - name: "Git_branch_protect"
+ - name: "git-is-branch-protectec"
description: "this rules is to check if git branch is protected"
applied: true
level: 0
@@ -71,8 +71,8 @@
- property : name
condition : EQUAL
value : master
- - name: "http request date in body"
- description : "date check"
+ - name: "http-request-date-in-body"
+ description : "request date in body"
applied: true
level: 0
cloudProvider: http
@@ -83,8 +83,8 @@
- property : body.date
condition : EQUAL
value : null
- - name: "http request certificate"
- description : "certificate check"
+ - name: "http-request-certificate"
+ description : "check if certificate is present"
applied: true
level: 0
cloudProvider: http
@@ -97,8 +97,8 @@
condition : DATE_INF
value : 0 0 0 0 0 0
date: "MMM DD HH:mm:ss YYYY GMT"
- - name: "http request header"
- description : "header check"
+ - name: "http-request-header"
+ description : "http requested header"
applied: true
level: 0
cloudProvider: http
@@ -108,7 +108,7 @@
condition : INCLUDE
value : "application/json"
#change the namespace name to your namespace
- - name: namespace-exist-api-4urcloud
+ - name: "namespace-exist-api-4urcloud"
description : "this rules is to check if namespace exist and notifiable if exist"
applied: true
level: 0
@@ -119,7 +119,7 @@
condition : DIFFERENT
value : 4urcloudwebsitepublic
#change the namespace name to your namespace
- - name: all-pods-running-kexawebsite
+ - name: "all-pods-running-kexawebsite"
description : "this rules is to check if all pods are running for a namespace"
applied: true
level: 2
diff --git a/Kexa/rules/Economy.yaml b/Kexa/rules/Economy.yaml
index 1dd94d76..5c164517 100644
--- a/Kexa/rules/Economy.yaml
+++ b/Kexa/rules/Economy.yaml
@@ -50,7 +50,7 @@
- level: 3
min: 1
rules:
- - name: VM-Reservation
+ - name: "check-vm-reservation"
description : "check if VM have a reservation"
applied: true
level: 0
@@ -59,8 +59,8 @@
conditions:
- property: priority
condition: REGEX
- value: ^(reservation)$
- - name: "azure-disk-orphan"
+ value: (?i)reservation
+ - name: "azure-is-disk-orphan"
description : "this rules is to check if disk is orphan"
applied: true
level: 1
@@ -70,7 +70,7 @@
- property : diskState
condition : DIFFERENT
value : Unattached
- - name: aks-scaleSet
+ - name: "aks-has-scaleSet"
description : "check if aks have a scaleSet"
applied: true
level: 0
@@ -83,7 +83,7 @@
- property: scaleSetEvictionPolicy
condition: EQUAL
value: Delete
- - name: "Orphan nsg"
+ - name: "azure-orphan-nsg"
description : "this rules is to check if nsg is orphan"
applied: true
level: 1
diff --git a/Kexa/rules/HTTPRules.yaml b/Kexa/rules/HTTPRules.yaml
index e0ba3c28..9f1050d5 100644
--- a/Kexa/rules/HTTPRules.yaml
+++ b/Kexa/rules/HTTPRules.yaml
@@ -50,8 +50,8 @@
- level: 3
min: 1
rules:
- - name: "http request code"
- description : "code check"
+ - name: "http-request-response-code"
+ description : "check for a specific response code"
applied: true
level: 0
cloudProvider: http
@@ -65,8 +65,8 @@
- property : code
condition : EQUAL
value : 201
- - name: "http request date in body"
- description : "date check"
+ - name: "http-request-date-in-body"
+ description : "check if date is in body"
applied: true
level: 0
cloudProvider: http
@@ -86,8 +86,8 @@
- property : code
condition : EQUAL
value : 201
- - name: "http request certificate"
- description : "certificate check"
+ - name: "http-request-certificate"
+ description : "request certificate"
applied: true
level: 0
cloudProvider: http
@@ -96,8 +96,8 @@
- property : certificate.issuer.CN
condition : EQUAL
value : "Kubernetes Ingress Controller Fake Certificate"
- - name: "http request header"
- description : "header check"
+ - name: "http-request-header"
+ description : "request header content"
applied: true
level: 0
cloudProvider: http
diff --git a/Kexa/rules/OperationalExcellence.yaml b/Kexa/rules/OperationalExcellence.yaml
index 0c579c27..a2abc1ec 100644
--- a/Kexa/rules/OperationalExcellence.yaml
+++ b/Kexa/rules/OperationalExcellence.yaml
@@ -50,7 +50,7 @@
- level: 3
min: 1
rules:
- - name: VirtualNetwork-subnet-count
+ - name: "azure-virtual-network-minimum-subnets"
description : "check if NSG have a minimum of subnets"
applied: true
level: 1
@@ -71,7 +71,7 @@
condition: DATE_INF
value: 0 0 0 0 0 2 0
date: "YYYY-MM-DDThh:mm:ss.SSSZ"
- - name: "tagsvalue-check-for-expiration-date"
+ - name: "aws-tagsvalue-check-for-expiration-date"
description: "this rule is to check if tags contain an expiration date (separate with \"-\")"
applied: true
level: 1
diff --git a/Kexa/rules/Performance.yaml b/Kexa/rules/Performance.yaml
index 69ea5aad..67aab787 100644
--- a/Kexa/rules/Performance.yaml
+++ b/Kexa/rules/Performance.yaml
@@ -50,7 +50,7 @@
- level: 3
min: 1
rules:
- - name: aks-scaleSet
+ - name: "aks-is-scaleset-down"
description : "check if aks have a scaleSet down"
applied: true
level: 0
diff --git a/Kexa/rules/PostDeployement.yaml b/Kexa/rules/PostDeployement.yaml
index bd5b9450..66b9895a 100644
--- a/Kexa/rules/PostDeployement.yaml
+++ b/Kexa/rules/PostDeployement.yaml
@@ -46,8 +46,8 @@
- level: 3
min: 1
rules:
- - name: "http request date in body"
- description : "date check"
+ - name: "http-request-date-in-body"
+ description : "request date in body"
applied: true
level: 0
cloudProvider: http
@@ -58,8 +58,8 @@
- property : body.date
condition : EQUAL
value : null
- - name: "http request certificate"
- description : "certificate check"
+ - name: "http-request-certificate"
+ description : "request certificate"
applied: true
level: 0
cloudProvider: http
@@ -72,8 +72,8 @@
condition : DATE_INF
value : 0 0 0 0 0 0
date: "MMM DD HH:mm:ss YYYY GMT"
- - name: "http request header"
- description : "header check"
+ - name: "http-request-header"
+ description : "request header content"
applied: true
level: 0
cloudProvider: http
diff --git a/Kexa/rules/PreDeployement.yaml b/Kexa/rules/PreDeployement.yaml
index 2c30a86b..0e5200e2 100644
--- a/Kexa/rules/PreDeployement.yaml
+++ b/Kexa/rules/PreDeployement.yaml
@@ -46,7 +46,7 @@
- level: 3
min: 1
rules:
- - name: "Git repo check"
+ - name: "git-is-repository-private"
description: "this rules is to check if my git repo is private"
applied: true
level: 1
@@ -62,7 +62,7 @@
condition: EQUAL
#change the name with your repo name
value: 4urcloud/Kexa_website
- - name: "Git_branch_protect"
+ - name: "git-is-branch-protected"
description: "this rules is to check if my git branch is protected"
applied: true
level: 1
@@ -81,7 +81,7 @@
- property : protected
condition : EQUAL
value : true
- - name: alert-if-namespace-not-exist-api-4urcloud
+ - name: "kub-alert-if-namespace-not-exist"
description : "this rules is to check if namespace exist and notifiable if not"
applied: true
level: 0
diff --git a/Kexa/rules/Security.yaml b/Kexa/rules/Security.yaml
index 86142c0b..0ef71727 100644
--- a/Kexa/rules/Security.yaml
+++ b/Kexa/rules/Security.yaml
@@ -50,7 +50,7 @@
- level: 3
min: 1
rules:
- - name: NSG-subnet
+ - name: "azure-nsg-valid-subnet"
description : "check if NSG have a valid subnet"
applied: true
level: 1
@@ -60,7 +60,7 @@
- property: agentPoolProfiles
condition: COUNT
value: 2
- - name: Git-repo-private
+ - name: "git-is-repository-private"
description: "this rules is to check if git repo is private"
applied: true
level: 0
@@ -70,7 +70,7 @@
- property: private
condition: EQUAL
value: true
- - name: Git-branch-protect
+ - name: "git-is-branch-protected"
description: "this rules is to check if git branch is protected"
applied: true
level: 0
diff --git a/Kexa/rules/driveRules.yaml b/Kexa/rules/driveRules.yaml
index 441b9d5c..a7bcc65f 100644
--- a/Kexa/rules/driveRules.yaml
+++ b/Kexa/rules/driveRules.yaml
@@ -50,8 +50,8 @@
- level: 3
min: 1
rules:
- - name: "check drive files name"
- description : "check drive files name"
+ - name: "check-regex-drive-file-name"
+ description : "compare drive file name to regex for compliance"
applied: true
level: 0
cloudProvider: googleDrive
@@ -60,8 +60,8 @@
- property: name
condition: REGEX
value: /^(PUBLIC|PRIVATE)\s[A-Za-z]+/
- - name: "check drive files stay private"
- description : "check drive files name private"
+ - name: "is-drive-file-private"
+ description : "this rule is to check if drive files are private"
applied: true
level: 0
cloudProvider: googleDrive
@@ -75,8 +75,8 @@
- property : name
condition : REGEX
value : /PRIVATE\s[A-Za-z]+/
- - name: "shared only by domaine"
- description : "shared only by domaine"
+ - name: "is-file-shared-only-by-domaine"
+ description : "this rule is to check if a file is shared only by domain"
applied: true
level: 0
cloudProvider: googleDrive
diff --git a/Kexa/rules/rules-testing.yaml b/Kexa/rules/rules-testing.yaml
index af78e07e..44cd38da 100644
--- a/Kexa/rules/rules-testing.yaml
+++ b/Kexa/rules/rules-testing.yaml
@@ -50,7 +50,7 @@
- level: 3
min: 1
rules:
- - name: "azure-disk-orphan"
+ - name: "azure-is-disk-orphan"
description : "this rules is to check if disk is orphan"
applied: false
level: 2
@@ -60,7 +60,7 @@
- property : diskState
condition : DIFFERENT
value : Unattached
- - name: "Git repo check"
+ - name: "git-is-repository-private"
description: "this rules is to check if git repo is private"
applied: false
level: 0
@@ -70,7 +70,7 @@
- property: private
condition: EQUAL
value: true
- - name: "Git_branch_protect"
+ - name: "git-is-branch-protected"
description: "this rules is to check if git branch is protected"
applied: false
level: 0
@@ -85,7 +85,7 @@
- property : name
condition : EQUAL
value : master
- - name: namespace-exist-dev-cloudprices-apiclient
+ - name: "kub-alert-if-namespace-not-exist"
description : "this rules is to check if namespace exist and notifiable if exist"
applied: false
level: 0
@@ -95,7 +95,7 @@
- property : metadata.name
condition : DIFFERENT
value : dev-cloudprices-apiclient
- - name: all-pods-running-thecloudprices-manorga
+ - name: "kub-are-all-pods-running-namespace"
description : "this rules is to check if all pods are running for a namespace"
applied: false
level: 2
@@ -110,7 +110,7 @@
- property : metadata.namespace
condition : EQUAL
value : thecloudprices-manorga
- - name: all-pods-not-running
+ - name: "kub-are-all-pods-not-running"
description : "this rules is to be notifiable if pods are not running"
applied: false
level: 2
@@ -125,7 +125,7 @@
- property : status.phase
condition : EQUAL
value : Succeeded
- - name: check-aks-cluster
+ - name: "azure-check-aks-cluster-conformity"
description : "this rules is to check if aks cluster are conform to the norms"
applied: false
level: 2
@@ -150,7 +150,7 @@
- property : autoScalerProfile.scaleDownDelayAfterAdd
condition : DIFFERENT
value : NULL
- - name: all-my-helm-is-deploy
+ - name: "kub-all-my-helm-is-deploy"
description : "this rules is to check if some helm are not deployed"
applied: false
level: 2
@@ -160,7 +160,7 @@
- property : status
condition : EQUAL
value : deployed
- - name: azure-disk not public or encrypted
+ - name: "azure-disk-not-public-or-encrypted"
description : "this rules is to check if disk is either not public or encrypted by default"
applied: false
level: 2
@@ -175,7 +175,7 @@
- property : encryption.type
condition : EQUAL
value : EncryptionAtRestWithPlatformKey
- - name: count-repo
+ - name: "git-count-repo-orga"
description : "this rules is to count the number of repo in a git organization"
applied: false
level: 0
@@ -185,7 +185,7 @@
- property : topics
condition : COUNT
value : 0
- - name: test-all-onList
+ - name: "azure-test-all-onlist-function"
description : "this rules is to test the onList function"
applied: false
level: 0
@@ -198,7 +198,7 @@
- property: osDiskSizeGB
condition: EQUAL
value: 128
- - name: test-some-onList
+ - name: "azure-test-some-onlist"
description : "this rules is to test the onList function"
applied: false
level: 0
@@ -211,7 +211,7 @@
- property: vmSize
condition: EQUAL
value: Standard_B4ms
- - name: test-count-onList
+ - name: "azure-test-count-onlist"
description : "this rules is to test the onList function"
applied: false
level: 0
diff --git a/Kexa/services/updateCapability.service.ts b/Kexa/services/updateCapability.service.ts
index d665e909..e84d00f3 100644
--- a/Kexa/services/updateCapability.service.ts
+++ b/Kexa/services/updateCapability.service.ts
@@ -4,6 +4,8 @@ import { SettingFile } from "../models/settingFile/settingFile.models";
import { extractHeaders } from "./addOn.service";
import { gatheringRules } from "./analyse.service";
+const fs = require("fs");
+
async function releaseCapability(){
let rules = await gatheringRules("./Kexa/rules", true);
let freeRules = [...rules.map((rule: SettingFile) => {
@@ -20,6 +22,14 @@ async function releaseCapability(){
writeStringToJsonFile(JSON.stringify(headers, null, 4), "./capacity.json");
}
+function updateVersion(){
+ let packageJson = require("../../package.json");
+ let version = fs.readFileSync("./VERSION", "utf8");
+ packageJson.version = version.split("\n")[0];
+ fs.writeFileSync("./package.json", JSON.stringify(packageJson, null, 4));
+}
+
if (require.main === module) {
releaseCapability();
+ updateVersion();
}
\ No newline at end of file
diff --git a/README.md b/README.md
index 581c1236..e55162a7 100644
--- a/README.md
+++ b/README.md
@@ -359,6 +359,7 @@ innovtech/kexa
Once a scan has been performed, you can observe the results at the locations you have specified in your [rules files](./documentation/Documentation-Kexa.md#rules-editing). In addition to the notification locations you have set up, by default a html files of scan results for each rule file has been created. In the case of a quick-launch, your results will be displayed in logs + output files by default.
+Those html files can be found in your /config folder.
I'm going to show the result of a ruler scan with HTML rendering. The name of this file follow this type format : "./config/resources[Name of the rule][Date as : 'YYYYMMDDHHmm'].html". In our case our scan rule is "Security" :
diff --git a/VERSION b/VERSION
new file mode 100644
index 00000000..135879d0
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+1.8.0-SNAPSHOT.55.c3f6d1b
diff --git a/capacity.json b/capacity.json
index 15a7954a..42111b01 100644
--- a/capacity.json
+++ b/capacity.json
@@ -45,7 +45,7 @@
]
},
{
- "name": "tagsvalue-check-for-expiration-date",
+ "name": "aws-tagsvalue-check-for-expiration-date",
"description": "this rule is to check if tags contain an expiration date (separate with \"-\")",
"applied": true,
"level": 1,
@@ -117,7 +117,7 @@
"documentation": "https://learn.microsoft.com/fr-fr/javascript/api/overview/azure/?view=azure-node-latest",
"freeRules": [
{
- "name": "VM-Reservation",
+ "name": "check-vm-reservation",
"description": "check if VM have a reservation",
"applied": true,
"level": 0,
@@ -132,7 +132,7 @@
]
},
{
- "name": "azure-disk-orphan",
+ "name": "azure-is-disk-orphan",
"description": "this rules is to check if disk is orphan",
"applied": true,
"level": 1,
@@ -147,7 +147,7 @@
]
},
{
- "name": "aks-scaleSet",
+ "name": "aks-has-scaleSet",
"description": "check if aks have a scaleSet",
"applied": true,
"level": 0,
@@ -168,7 +168,7 @@
]
},
{
- "name": "Orphan nsg",
+ "name": "azure-orphan-nsg",
"description": "this rules is to check if nsg is orphan",
"applied": true,
"level": 1,
@@ -183,7 +183,7 @@
]
},
{
- "name": "Orphan virtualNetwork",
+ "name": "is-virtual-network-orphan",
"description": "this rules is to check if virtualNetwork is orphan",
"applied": true,
"level": 1,
@@ -198,7 +198,7 @@
]
},
{
- "name": "VirtualNetwork-subnet-count",
+ "name": "azure-virtual-network-minimum-subnets",
"description": "check if NSG have a minimum of subnets",
"applied": true,
"level": 1,
@@ -213,7 +213,7 @@
]
},
{
- "name": "aks-scaleSet",
+ "name": "aks-is-scaleset-down",
"description": "check if aks have a scaleSet down",
"applied": true,
"level": 0,
@@ -234,7 +234,7 @@
]
},
{
- "name": "NSG-subnet",
+ "name": "azure-nsg-valid-subnet",
"description": "check if NSG have a valid subnet",
"applied": true,
"level": 1,
@@ -249,7 +249,7 @@
]
},
{
- "name": "azure-disk-orphan",
+ "name": "azure-is-disk-orphan",
"description": "this rules is to check if disk is orphan",
"applied": false,
"level": 2,
@@ -264,7 +264,7 @@
]
},
{
- "name": "check-aks-cluster",
+ "name": "azure-check-aks-cluster-conformity",
"description": "this rules is to check if aks cluster are conform to the norms",
"applied": false,
"level": 2,
@@ -304,7 +304,7 @@
]
},
{
- "name": "azure-disk not public or encrypted",
+ "name": "azure-disk-not-public-or-encrypted",
"description": "this rules is to check if disk is either not public or encrypted by default",
"applied": false,
"level": 2,
@@ -329,7 +329,7 @@
]
},
{
- "name": "test-all-onList",
+ "name": "azure-test-all-onlist-function",
"description": "this rules is to test the onList function",
"applied": false,
"level": 0,
@@ -350,7 +350,7 @@
]
},
{
- "name": "test-some-onList",
+ "name": "azure-test-some-onlist",
"description": "this rules is to test the onList function",
"applied": false,
"level": 0,
@@ -371,7 +371,7 @@
]
},
{
- "name": "test-count-onList",
+ "name": "azure-test-count-onlist",
"description": "this rules is to test the onList function",
"applied": false,
"level": 0,
@@ -449,7 +449,7 @@
"documentation": "https://docs.github.com/en/rest?apiVersion=2022-11-28",
"freeRules": [
{
- "name": "Git repo check",
+ "name": "git-is-repository-private",
"description": "this rules is to check if git repo is private",
"applied": true,
"level": 0,
@@ -464,7 +464,7 @@
]
},
{
- "name": "Git_branch_protect",
+ "name": "git-is-branch-protectec",
"description": "this rules is to check if git branch is protected",
"applied": true,
"level": 0,
@@ -489,7 +489,7 @@
]
},
{
- "name": "Git repo check",
+ "name": "git-is-repository-private",
"description": "this rules is to check if my git repo is private",
"applied": true,
"level": 1,
@@ -514,7 +514,7 @@
]
},
{
- "name": "Git_branch_protect",
+ "name": "git-is-branch-protected",
"description": "this rules is to check if my git branch is protected",
"applied": true,
"level": 1,
@@ -544,7 +544,7 @@
]
},
{
- "name": "Git repo check",
+ "name": "git-is-repository-private",
"description": "this rules is to check if git repo is private",
"applied": true,
"level": 0,
@@ -559,7 +559,7 @@
]
},
{
- "name": "Git_branch_protect",
+ "name": "git-is-branch-protected",
"description": "this rules is to check if git branch is protected",
"applied": true,
"level": 0,
@@ -584,7 +584,7 @@
]
},
{
- "name": "Git repo check",
+ "name": "git-is-repository-private",
"description": "this rules is to check if git repo is private",
"applied": false,
"level": 0,
@@ -599,7 +599,7 @@
]
},
{
- "name": "Git_branch_protect",
+ "name": "git-is-branch-protected",
"description": "this rules is to check if git branch is protected",
"applied": false,
"level": 0,
@@ -624,7 +624,7 @@
]
},
{
- "name": "count-repo",
+ "name": "git-count-repo-orga",
"description": "this rules is to count the number of repo in a git organization",
"applied": false,
"level": 0,
@@ -648,8 +648,8 @@
"documentation": "https://developers.google.com/drive/api/reference/rest/v3?hl=fr",
"freeRules": [
{
- "name": "check drive files name",
- "description": "check drive files name",
+ "name": "check-regex-drive-file-name",
+ "description": "compare drive file name to regex for compliance",
"applied": true,
"level": 0,
"cloudProvider": "googleDrive",
@@ -663,8 +663,8 @@
]
},
{
- "name": "check drive files stay private",
- "description": "check drive files name private",
+ "name": "is-drive-file-private",
+ "description": "this rule is to check if drive files are private",
"applied": true,
"level": 0,
"cloudProvider": "googleDrive",
@@ -688,8 +688,8 @@
]
},
{
- "name": "shared only by domaine",
- "description": "shared only by domaine",
+ "name": "is-file-shared-only-by-domaine",
+ "description": "this rule is to check if a file is shared only by domain",
"applied": true,
"level": 0,
"cloudProvider": "googleDrive",
@@ -819,8 +819,8 @@
"documentation": "https://developer.mozilla.org/fr/docs/Web/HTTP",
"freeRules": [
{
- "name": "http request date in body",
- "description": "date check",
+ "name": "http-request-date-in-body",
+ "description": "request date in body",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -839,8 +839,8 @@
]
},
{
- "name": "http request certificate",
- "description": "certificate check",
+ "name": "http-request-certificate",
+ "description": "check if certificate is present",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -860,8 +860,8 @@
]
},
{
- "name": "http request header",
- "description": "header check",
+ "name": "http-request-header",
+ "description": "http requested header",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -875,8 +875,8 @@
]
},
{
- "name": "http request code",
- "description": "code check",
+ "name": "http-request-response-code",
+ "description": "check for a specific response code",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -900,8 +900,8 @@
]
},
{
- "name": "http request date in body",
- "description": "date check",
+ "name": "http-request-date-in-body",
+ "description": "check if date is in body",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -936,8 +936,8 @@
]
},
{
- "name": "http request certificate",
- "description": "certificate check",
+ "name": "http-request-certificate",
+ "description": "request certificate",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -951,8 +951,8 @@
]
},
{
- "name": "http request header",
- "description": "header check",
+ "name": "http-request-header",
+ "description": "request header content",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -966,8 +966,8 @@
]
},
{
- "name": "http request date in body",
- "description": "date check",
+ "name": "http-request-date-in-body",
+ "description": "request date in body",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -986,8 +986,8 @@
]
},
{
- "name": "http request certificate",
- "description": "certificate check",
+ "name": "http-request-certificate",
+ "description": "request certificate",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -1007,8 +1007,8 @@
]
},
{
- "name": "http request header",
- "description": "header check",
+ "name": "http-request-header",
+ "description": "request header content",
"applied": true,
"level": 0,
"cloudProvider": "http",
@@ -1073,7 +1073,7 @@
]
},
{
- "name": "alert-if-namespace-not-exist-api-4urcloud",
+ "name": "kub-alert-if-namespace-not-exist",
"description": "this rules is to check if namespace exist and notifiable if not",
"applied": true,
"level": 0,
@@ -1094,7 +1094,7 @@
]
},
{
- "name": "namespace-exist-dev-cloudprices-apiclient",
+ "name": "kub-alert-if-namespace-not-exist",
"description": "this rules is to check if namespace exist and notifiable if exist",
"applied": false,
"level": 0,
@@ -1109,7 +1109,7 @@
]
},
{
- "name": "all-pods-running-thecloudprices-manorga",
+ "name": "kub-are-all-pods-running-namespace",
"description": "this rules is to check if all pods are running for a namespace",
"applied": false,
"level": 2,
@@ -1134,7 +1134,7 @@
]
},
{
- "name": "all-pods-not-running",
+ "name": "kub-are-all-pods-not-running",
"description": "this rules is to be notifiable if pods are not running",
"applied": false,
"level": 2,
@@ -1159,7 +1159,7 @@
]
},
{
- "name": "all-my-helm-is-deploy",
+ "name": "kub-all-my-helm-is-deploy",
"description": "this rules is to check if some helm are not deployed",
"applied": false,
"level": 2,
diff --git a/package.json b/package.json
index a059afd0..dd726cf9 100644
--- a/package.json
+++ b/package.json
@@ -1,113 +1,113 @@
{
- "dependencies": {
- "@aws-sdk/client-ec2": "^3.390.0",
- "@azure/arm-compute": "^20.0.0",
- "@azure/arm-containerservice": "^19.0.0",
- "@azure/arm-network": "^30.1.0",
- "@azure/arm-resources": "^5.1.0",
- "@azure/arm-resources-subscriptions": "^2.1.0",
- "@azure/arm-storage": "^18.1.0",
- "@azure/functions": "^3.5.1",
- "@azure/graph": "^5.0.3",
- "@azure/keyvault-secrets": "^4.7.0",
- "@azure/logger": "^1.0.3",
- "@azure/storage-blob": "^12.16.0",
- "@google-cloud/appgateways": "^1.0.0",
- "@google-cloud/artifact-registry": "^3.0.0",
- "@google-cloud/assured-workloads": "^4.0.0",
- "@google-cloud/batch": "^1.1.0",
- "@google-cloud/billing": "^4.0.0",
- "@google-cloud/certificate-manager": "^1.0.0",
- "@google-cloud/compute": "^3.10.0",
- "@google-cloud/container": "^5.1.0",
- "@google-cloud/deploy": "^3.0.0",
- "@google-cloud/dns": "^4.0.0",
- "@google-cloud/domains": "^3.0.0",
- "@google-cloud/kms": "^4.0.0",
- "@google-cloud/kms-inventory": "^1.0.0",
- "@google-cloud/lineage": "^1.0.0",
- "@google-cloud/local-auth": "^2.1.0",
- "@google-cloud/managed-identities": "^3.0.0",
- "@google-cloud/monitoring-dashboards": "^3.0.0",
- "@google-cloud/network-management": "^3.0.0",
- "@google-cloud/notebooks": "^3.0.0",
- "@google-cloud/orchestration-airflow": "^3.0.0",
- "@google-cloud/org-policy": "^3.0.0",
- "@google-cloud/os-config": "^3.0.0",
- "@google-cloud/redis": "^4.0.0",
- "@google-cloud/resource-manager": "^5.0.0",
- "@google-cloud/resource-settings": "^3.0.0",
- "@google-cloud/retail": "^3.0.0",
- "@google-cloud/secret-manager": "^5.0.0",
- "@google-cloud/security-private-ca": "^5.0.0",
- "@google-cloud/service-directory": "^5.0.0",
- "@google-cloud/service-usage": "^3.0.0",
- "@google-cloud/storage": "^7.0.0",
- "@google-cloud/storageinsights": "^1.0.0",
- "@google-cloud/tasks": "^3.2.0",
- "@google-cloud/vmwareengine": "^1.0.0",
- "@google-cloud/vpc-access": "^3.0.0",
- "@google-cloud/web-security-scanner": "^3.0.0",
- "@google-cloud/workflows": "^3.0.0",
- "@google-cloud/workstations": "^1.0.0",
- "@kubernetes/client-node": "^0.18.1",
- "@microsoft/microsoft-graph-client": "^3.0.5",
- "@microsoft/teams-js": "^2.14.0",
- "@octokit/core": "^4.2.4",
- "@types/glob": "^8.1.0",
- "@types/minimatch": "^5.1.2",
- "@types/rimraf": "^4.0.5",
- "aws-sdk": "^2.1424.0",
- "cfonts": "^3.2.0",
- "config": "^3.3.9",
- "dotenv": "^16.0.3",
- "googleapis": "^105.0.0",
- "helm-ts": "^0.1.5",
- "js-yaml": "^4.1.0",
- "jsome": "^2.3.26",
- "moment": "^2.29.4",
- "nodemailer": "^6.9.3",
- "octokit": "^2.1.0",
- "tslog": "^4.7.1",
- "twilio": "^4.13.0",
- "uuid": "^9.0.0"
- },
- "devDependencies": {
- "@azure/identity": "^3.2.3",
- "@types/azure": "^0.9.20",
- "@types/chai": "^4.3.5",
- "@types/js-yaml": "^4.0.5",
- "@types/mocha": "^10.0.1",
- "@types/node": "^18.16.19",
- "chai": "^4.3.7",
- "mocha": "^10.2.0",
- "nodemon": "^3.0.1",
- "rimraf": "^5.0.1",
- "ts-node": "^10.9.1",
- "typescript": "^4.9.5"
- },
- "name": "Kexa",
- "version": "1.7.0",
- "main": "./build/index.js",
- "scripts": {
- "build": "rimraf ./build && tsc",
- "start:dev": "npx nodemon",
- "start": "npm run build && node build/index.js",
- "start:o": "npm run build && node build/index.js -o",
- "update": "npm run build && node build/services/updateCapability.service.js",
- "lint": "eslint . --ext .ts",
- "prettier-format": "run-script-os",
- "prettier-format:win32": "prettier --config .prettierrc \"./src/**/*.ts\" --write",
- "prettier-format:darwin:linux": "prettier --config .prettierrc 'src/**/*.ts' --write",
- "prettier-format:default": "prettier --config .prettierrc 'src/**/*.ts' --write",
- "prettier-watch": "run-script-os",
- "prettier-watch:win32": "onchange \"src/**/*.ts\" -- prettier --write {{changed}}",
- "prettier-watch:darwin:linux": "onchange 'src/**/*.ts' -- prettier --write {{changed}}",
- "prettier-watch:default": "onchange 'src/**/*.ts' -- prettier --write {{changed}}",
- "test": "npm run build && mocha --require ts-node/register --require source-map-support/register 'Kexa/__tests__/**/*.test.ts'"
- },
- "keywords": [],
- "author": "4urcloud | Esteban MATHIA | Adrien EPPLING",
- "license": "MIT",
- "description": "Kexa helps you save money and automate the standardization, security and verification of your cloud deployments."
-}
+ "dependencies": {
+ "@aws-sdk/client-ec2": "^3.390.0",
+ "@azure/arm-compute": "^20.0.0",
+ "@azure/arm-containerservice": "^19.0.0",
+ "@azure/arm-network": "^30.1.0",
+ "@azure/arm-resources": "^5.1.0",
+ "@azure/arm-resources-subscriptions": "^2.1.0",
+ "@azure/arm-storage": "^18.1.0",
+ "@azure/functions": "^3.5.1",
+ "@azure/graph": "^5.0.3",
+ "@azure/keyvault-secrets": "^4.7.0",
+ "@azure/logger": "^1.0.3",
+ "@azure/storage-blob": "^12.16.0",
+ "@google-cloud/appgateways": "^1.0.0",
+ "@google-cloud/artifact-registry": "^3.0.0",
+ "@google-cloud/assured-workloads": "^4.0.0",
+ "@google-cloud/batch": "^1.1.0",
+ "@google-cloud/billing": "^4.0.0",
+ "@google-cloud/certificate-manager": "^1.0.0",
+ "@google-cloud/compute": "^3.10.0",
+ "@google-cloud/container": "^5.1.0",
+ "@google-cloud/deploy": "^3.0.0",
+ "@google-cloud/dns": "^4.0.0",
+ "@google-cloud/domains": "^3.0.0",
+ "@google-cloud/kms": "^4.0.0",
+ "@google-cloud/kms-inventory": "^1.0.0",
+ "@google-cloud/lineage": "^1.0.0",
+ "@google-cloud/local-auth": "^2.1.0",
+ "@google-cloud/managed-identities": "^3.0.0",
+ "@google-cloud/monitoring-dashboards": "^3.0.0",
+ "@google-cloud/network-management": "^3.0.0",
+ "@google-cloud/notebooks": "^3.0.0",
+ "@google-cloud/orchestration-airflow": "^3.0.0",
+ "@google-cloud/org-policy": "^3.0.0",
+ "@google-cloud/os-config": "^3.0.0",
+ "@google-cloud/redis": "^4.0.0",
+ "@google-cloud/resource-manager": "^5.0.0",
+ "@google-cloud/resource-settings": "^3.0.0",
+ "@google-cloud/retail": "^3.0.0",
+ "@google-cloud/secret-manager": "^5.0.0",
+ "@google-cloud/security-private-ca": "^5.0.0",
+ "@google-cloud/service-directory": "^5.0.0",
+ "@google-cloud/service-usage": "^3.0.0",
+ "@google-cloud/storage": "^7.0.0",
+ "@google-cloud/storageinsights": "^1.0.0",
+ "@google-cloud/tasks": "^3.2.0",
+ "@google-cloud/vmwareengine": "^1.0.0",
+ "@google-cloud/vpc-access": "^3.0.0",
+ "@google-cloud/web-security-scanner": "^3.0.0",
+ "@google-cloud/workflows": "^3.0.0",
+ "@google-cloud/workstations": "^1.0.0",
+ "@kubernetes/client-node": "^0.18.1",
+ "@microsoft/microsoft-graph-client": "^3.0.5",
+ "@microsoft/teams-js": "^2.14.0",
+ "@octokit/core": "^4.2.4",
+ "@types/glob": "^8.1.0",
+ "@types/minimatch": "^5.1.2",
+ "@types/rimraf": "^4.0.5",
+ "aws-sdk": "^2.1424.0",
+ "cfonts": "^3.2.0",
+ "config": "^3.3.9",
+ "dotenv": "^16.0.3",
+ "googleapis": "^105.0.0",
+ "helm-ts": "^0.1.5",
+ "js-yaml": "^4.1.0",
+ "jsome": "^2.3.26",
+ "moment": "^2.29.4",
+ "nodemailer": "^6.9.3",
+ "octokit": "^2.1.0",
+ "tslog": "^4.7.1",
+ "twilio": "^4.13.0",
+ "uuid": "^9.0.0"
+ },
+ "devDependencies": {
+ "@azure/identity": "^3.2.3",
+ "@types/azure": "^0.9.20",
+ "@types/chai": "^4.3.5",
+ "@types/js-yaml": "^4.0.5",
+ "@types/mocha": "^10.0.1",
+ "@types/node": "^18.16.19",
+ "chai": "^4.3.7",
+ "mocha": "^10.2.0",
+ "nodemon": "^3.0.1",
+ "rimraf": "^5.0.1",
+ "ts-node": "^10.9.1",
+ "typescript": "^4.9.5"
+ },
+ "name": "Kexa",
+ "version": "1.8.0-SNAPSHOT.55.c3f6d1b",
+ "main": "./build/index.js",
+ "scripts": {
+ "build": "rimraf ./build && tsc",
+ "start:dev": "npx nodemon",
+ "start": "npm run build && node build/index.js",
+ "start:o": "npm run build && node build/index.js -o",
+ "update": "npm run build && node build/services/updateCapability.service.js",
+ "lint": "eslint . --ext .ts",
+ "prettier-format": "run-script-os",
+ "prettier-format:win32": "prettier --config .prettierrc \"./src/**/*.ts\" --write",
+ "prettier-format:darwin:linux": "prettier --config .prettierrc 'src/**/*.ts' --write",
+ "prettier-format:default": "prettier --config .prettierrc 'src/**/*.ts' --write",
+ "prettier-watch": "run-script-os",
+ "prettier-watch:win32": "onchange \"src/**/*.ts\" -- prettier --write {{changed}}",
+ "prettier-watch:darwin:linux": "onchange 'src/**/*.ts' -- prettier --write {{changed}}",
+ "prettier-watch:default": "onchange 'src/**/*.ts' -- prettier --write {{changed}}",
+ "test": "npm run build && mocha --require ts-node/register --require source-map-support/register 'Kexa/__tests__/**/*.test.ts'"
+ },
+ "keywords": [],
+ "author": "4urcloud | Esteban MATHIA | Adrien EPPLING",
+ "license": "MIT",
+ "description": "Kexa helps you save money and automate the standardization, security and verification of your cloud deployments."
+}
\ No newline at end of file