Example #1
0
 def test_namespace_deny_default(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=[], skip_checks=["default"])
     config = {"metadata": {"namespace": "not_matched"}}
     self.assertTrue(instance._should_run_scan("CKV_1", config, run_filter))
Example #2
0
 def test_run_by_id_default(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=[], skip_checks=[])
     self.assertTrue(instance._should_run_scan("CKV_1", {}, run_filter))
Example #3
0
 def test_run_by_id_specific_disable_AND_enable(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=["CKV_1"], skip_checks=["CKV_1"])
     self.assertTrue(instance._should_run_scan("CKV_1", {}, run_filter))
Example #4
0
 def test_run_by_id_external4(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=["CKV_1"], skip_checks=["CKV_2"], all_external=True)
     run_filter.notify_external_check("CKV_EXT_999")
     self.assertTrue(instance._should_run_scan("CKV_EXT_999", {}, run_filter))
Example #5
0
 def test_run_by_id_external_disabled(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=[], skip_checks=["CKV_1", "CKV_EXT_999"])
     run_filter.notify_external_check("CKV_EXT_999")
     self.assertFalse(instance._should_run_scan("CKV_EXT_999", {}, run_filter))
Example #6
0
 def test_run_by_id_omitted_specific_disable_bc_id(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=[], skip_checks=["BC_CKV_1"])
     self.assertTrue(instance._should_run_scan("CKV_999", {}, run_filter, "BC_CKV_999"))
Example #7
0
 def test_run_by_id_omitted_specific_enable(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=["CKV_1"], skip_checks=[])
     self.assertFalse(instance._should_run_scan("CKV_999", {}, run_filter))
Example #8
0
 def test_namespace_allow_specific_other(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=["something_else"], skip_checks=[])
     config = {"metadata": {"namespace": "not_matched"}}
     self.assertFalse(instance._should_run_scan("CKV_1", config, run_filter))
Example #9
0
 def test_namespace_deny_specific(self):
     instance = Registry()
     run_filter = RunnerFilter(checks=[], skip_checks=["matched"])
     config = {"metadata": {"namespace": "matched"}}
     self.assertFalse(instance._should_run_scan("CKV_1", config, run_filter))
Example #10
0
from checkov.kubernetes.checks.resource.base_registry import Registry

registry = Registry()