Closed rgreinho closed 2 years ago
morwn
commented
2 years ago Could you please elaborate on the scenario you are trying to achieve? AVD standard is ta page per sub-control(X.x), in addition, you have the same information within the generated report.
rgreinho
commented
2 years ago Absolutely! My point is that the URL which is provided with a result should point to the exact remediation sub-section instead of the section page itself.
A solution would be to add an anchor at the end of the link. As a result, https://avd.aquasec.com/compliance/softwaresupplychain/cis-1.0/cis-1.0-sourcecode/1.1 would become https://avd.aquasec.com/compliance/softwaresupplychain/cis-1.0/cis-1.0-sourcecode/1.1#ensure-linear-history-is-required and the user would land exactly where it should instead of arriving at the top of the page.
naortalmor1
commented
2 years ago @morwn Please take it with @owenrumney and see how we can extend AVD to include specific link target.
On the aquasec website listing the issues and their remediation, it is currently not possible to give a link pointing to the exact subsection.
For example, it is only possible to link the "Code Changes" (https://avd.aquasec.com/compliance/softwaresupplychain/cis-1.0/cis-1.0-sourcecode/1.1) page, but not to point directly to the "1.1.3 Ensure any change to code receives approval of two strongly authenticated users" item.
Then this permalink should be used in the "Url" value of the report file generated by chain-bench.