FIXME: would probably be better to have a struct for this
(hub *cwhub.Hub)
| 13 | var appsecRules = make(map[string]AppsecCollectionConfig) // FIXME: would probably be better to have a struct for this |
| 14 | |
| 15 | func LoadAppsecRules(hub *cwhub.Hub) error { |
| 16 | appsecRules = make(map[string]AppsecCollectionConfig) |
| 17 | |
| 18 | for _, hubAppsecRuleItem := range hub.GetInstalledByType(cwhub.APPSEC_RULES, false) { |
| 19 | content, err := os.ReadFile(hubAppsecRuleItem.State.LocalPath) |
| 20 | if err != nil { |
| 21 | log.Warnf("unable to read file %s : %s", hubAppsecRuleItem.State.LocalPath, err) |
| 22 | continue |
| 23 | } |
| 24 | |
| 25 | var rule AppsecCollectionConfig |
| 26 | |
| 27 | err = yaml.UnmarshalStrict(content, &rule) |
| 28 | if err != nil { |
| 29 | log.Warnf("unable to parse file %s : %s", hubAppsecRuleItem.State.LocalPath, err) |
| 30 | continue |
| 31 | } |
| 32 | |
| 33 | if rule.Name == "" { |
| 34 | return fmt.Errorf("appsec rule name is empty for %s", hubAppsecRuleItem.State.LocalPath) |
| 35 | } |
| 36 | |
| 37 | rule.hash = hubAppsecRuleItem.State.LocalHash |
| 38 | rule.version = hubAppsecRuleItem.Version |
| 39 | |
| 40 | log.Infof("Adding %s to appsec rules", rule.Name) |
| 41 | |
| 42 | appsecRules[rule.Name] = rule |
| 43 | } |
| 44 | |
| 45 | if len(appsecRules) == 0 { |
| 46 | log.Debugf("No appsec rules found") |
| 47 | } |
| 48 | return nil |
| 49 | } |
no test coverage detected
searching dependent graphs…