ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-12 15:55:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ignore inline whitelist comments, pass checkid to filter ignores specifically for checks

Browse Source
This commit is contained in:
Urjit Singh Bhatia
2020-04-14 17:29:36 -07:00
parent 56a4fd813c
commit bf72025b9b
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
prowler
View File

@@ -218,7 +218,8 @@ REGIONS=$($AWSCLI ec2 describe-regions --query 'Regions[].RegionName' \
# Pre-process whitelist file if supplied
if [[ -n "$WHITELIST_FILE" ]]; then
# ignore lines starting with # (comments)
WHITELIST=$(awk '!/^[[:space:]]*#/{print }' <(cat "$WHITELIST_FILE"))
# ignore inline comments: check1:foo # inline comment
WHITELIST=$(awk '!/^[[:space:]]*#/{print }' <(cat "$WHITELIST_FILE") | sed 's/[[:space:]]*#.*$//g')
fi
# Load all of the groups of checks inside groups folder named as "groupNumber*"
@@ -288,7 +289,7 @@ execute_check() {
show_check_title "$1"
ignores=$(awk '/${1}/{print}' <(echo "${WHITELIST}"))
# set the custom ignores list for this check
IGNORES="${ignores}" $1
IGNORES="${ignores}" CHECK_NAME="$1" $1
else
textFail "ERROR! Use a valid check name (i.e. check41 or extra71)";
exit $EXITCODE