tenable / terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
https://runterrascan.io
Apache License 2.0

Support reviewdog format output #1085

Open yu-iskw opened 2 years ago

yu-iskw commented 2 years ago

Description

As terrascan supports various output formats such as YAML and JSON, it would be great to support the format of reviewdog.

The output format is as follows:

{file}:{line number}:{column number}: {message}

Reference

https://github.com/reviewdog/reviewdog#input-format

yu-iskw commented 2 years ago

Hi @cesar-rodriguez, let me share a GitHub action to run terrascan with reviewdog. As terrascan is awesome, I would like to integrate it with GitHubOps. Especially, automatically leaving comments about potential vulnerabilities on pull requests would be great.

Another reason why I created the action is that I need such an action for private repositories. Actually, https://github.com/accurics/terrascan-action is awesome. But, at the moment, it is a bit difficult to make it work in private repositories, because it is hard to pass the GitHub token and so on to the container of terrascan-action. So, by implementing my action as a GitHub composite action, we don't have to care about the boundaries of credentials.

Last but not least, thank you for the great project. terrascan lets me implement great GitHub operations so that I encourage team members to care about potential vulnerabilities in IaC.

cesar-rodriguez commented 2 years ago

@yu-iskw The action looks great! We'll consider adding reviewdog output natively to make things easier.

Scheusal13 commented 2 years ago

Description

As terrascan supports various output formats such as YAML and JSON, it would be great to support the format of reviewdog.

The output format is as follows:

{file}:{line number}:{column number}: {message}

Reference

https://github.com/reviewdog/reviewdog#input-format
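
The conversion requested in this issue, as an added example that is not part of the thread or of terrascan: a small Python filter that turns a terrascan JSON report into `{file}:{line number}:{column number}: {message}` lines. The report field names (`results.violations[]` with `file`, `line`, `rule_id`, `severity`, `description`) are an assumption about terrascan's JSON output, the sample values are constructed, and `to_reviewdog` is a hypothetical name.

```python
import json

# Constructed sample shaped like a terrascan JSON report. Field names are an
# assumption about that schema; rule ids, paths and texts are made up.
SAMPLE = json.dumps({
    "results": {
        "violations": [
            {"rule_id": "EXAMPLE.RULE.1", "severity": "HIGH",
             "description": "Bucket allows\npublic read access",
             "file": "modules/storage/main.tf", "line": 12},
            {"rule_id": "EXAMPLE.RULE.2", "severity": "MEDIUM",
             "description": "Logging is not enabled",
             "file": "main.tf"},                      # no line reported
            {"rule_id": "EXAMPLE.RULE.3", "severity": "LOW",
             "description": "Finding without a file"},
        ]
    }
})


def to_reviewdog(report_json, default_column=1):
    """Return one '{file}:{line}:{column}: {message}' line per violation."""
    report = json.loads(report_json)
    violations = (report.get("results") or {}).get("violations") or []
    lines = []
    for v in violations:
        path = v.get("file")
        if not path:
            continue  # a finding without a file cannot be placed on a diff
        line = v.get("line")
        if not isinstance(line, int) or line < 1:
            line = 1  # pin findings without a usable line to the file's top
        # The format is line-oriented: collapse all whitespace so a multi-line
        # description cannot split one finding into several records.
        message = " ".join(
            f"[{v.get('severity', 'UNKNOWN')}] "
            f"{v.get('rule_id', 'no-rule-id')}: "
            f"{v.get('description', '')}".split()
        )
        # The sample report carries no column, so a fixed one is emitted.
        lines.append(f"{path}:{line}:{default_column}: {message}")
    return lines


if __name__ == "__main__":
    print("\n".join(to_reviewdog(SAMPLE)))
```

The emitted lines match the reviewdog errorformat `%f:%l:%c: %m`, so they can be piped to reviewdog with `-efm="%f:%l:%c: %m"`.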