feat(misconf): Show misconfig ID in output (#7762)

2025-12-05 20:40:16 -08:00 · 2024-10-23 12:54:29 -06:00
parent 9514148767
commit f75c0d1f00
2 changed files with 17 additions and 16 deletions
--- a/pkg/report/table/misconfig.go
+++ b/pkg/report/table/misconfig.go
@@ -124,18 +124,18 @@ func (r *misconfigRenderer) renderSummary(misconf types.DetectedMisconfiguration
 		}
 	}

-	// severity
+	// ID & severity
 	switch misconf.Severity {
 	case severityCritical:
-		r.printf("<red><bold>%s: ", misconf.Severity)
+		r.printf("%s <red><bold>(%s): ", misconf.AVDID, misconf.Severity)
 	case severityHigh:
-		r.printf("<red>%s: ", misconf.Severity)
+		r.printf("%s <red>(%s): ", misconf.AVDID, misconf.Severity)
 	case severityMedium:
-		r.printf("<yellow>%s: ", misconf.Severity)
+		r.printf("%s <yellow>(%s): ", misconf.AVDID, misconf.Severity)
 	case severityLow:
-		r.printf("%s: ", misconf.Severity)
+		r.printf("%s (%s): ", misconf.AVDID, misconf.Severity)
 	default:
-		r.printf("<blue>%s: ", misconf.Severity)
+		r.printf("%s <blue>(%s): ", misconf.AVDID, misconf.Severity)
 	}

 	// heading
--- a/pkg/report/table/misconfig_test.go
+++ b/pkg/report/table/misconfig_test.go
@@ -27,7 +27,8 @@ func TestMisconfigRenderer(t *testing.T) {
 				MisconfSummary: &types.MisconfSummary{Successes: 0, Failures: 1, Exceptions: 0},
 				Misconfigurations: []types.DetectedMisconfiguration{
 					{
-						ID:          "AVD-XYZ-0123",
+						ID:          "some-alias-for-a-check",
+						AVDID:       "AVD-XYZ-0123",
 						Title:       "Config file is bad",
 						Description: "Your config file is not good.",
 						Message:     "Oh no, a bad config.",
@@ -44,7 +45,7 @@ my-file ()
 Tests: 1 (SUCCESSES: 0, FAILURES: 1, EXCEPTIONS: 0)
 Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

-HIGH: Oh no, a bad config.
+AVD-XYZ-0123 (HIGH): Oh no, a bad config.
 ════════════════════════════════════════
 Your config file is not good.

@@ -61,7 +62,7 @@ See https://google.com/search?q=bad%20config
 				MisconfSummary: &types.MisconfSummary{Successes: 0, Failures: 1, Exceptions: 0},
 				Misconfigurations: []types.DetectedMisconfiguration{
 					{
-						ID:          "AVD-XYZ-0123",
+						AVDID:       "AVD-XYZ-0123",
 						Title:       "Config file is bad",
 						Description: "Your config file is not good.",
 						Message:     "Oh no, a bad config.",
@@ -103,7 +104,7 @@ my-file ()
 Tests: 1 (SUCCESSES: 0, FAILURES: 1, EXCEPTIONS: 0)
 Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

-HIGH: Oh no, a bad config.
+AVD-XYZ-0123 (HIGH): Oh no, a bad config.
 ════════════════════════════════════════
 Your config file is not good.

@@ -126,7 +127,7 @@ See https://google.com/search?q=bad%20config
 				MisconfSummary: &types.MisconfSummary{Successes: 1, Failures: 1, Exceptions: 0},
 				Misconfigurations: []types.DetectedMisconfiguration{
 					{
-						ID:          "AVD-XYZ-0123",
+						AVDID:       "AVD-XYZ-0123",
 						Title:       "Config file is bad",
 						Description: "Your config file is not good.",
 						Message:     "Oh no, a bad config.",
@@ -157,7 +158,7 @@ See https://google.com/search?q=bad%20config
 						},
 					},
 					{
-						ID:          "AVD-XYZ-0456",
+						AVDID:       "AVD-XYZ-0456",
 						Title:       "Config file is bad again",
 						Description: "Your config file is still not good.",
 						Message:     "Oh no, a bad config AGAIN.",
@@ -174,7 +175,7 @@ my-file ()
 Tests: 2 (SUCCESSES: 1, FAILURES: 1, EXCEPTIONS: 0)
 Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

-FAIL: HIGH: Oh no, a bad config.
+FAIL: AVD-XYZ-0123 (HIGH): Oh no, a bad config.
 ════════════════════════════════════════
 Your config file is not good.

@@ -188,7 +189,7 @@ See https://google.com/search?q=bad%20config
 ────────────────────────────────────────


-PASS: MEDIUM: Oh no, a bad config AGAIN.
+PASS: AVD-XYZ-0456 (MEDIUM): Oh no, a bad config AGAIN.
 ════════════════════════════════════════
 Your config file is still not good.

@@ -213,7 +214,7 @@ See https://google.com/search?q=bad%20config
 					{
 						Type:        "Terraform Security Check",
 						ID:          "AVD-AWS-0107",
-						AVDID:       "AVS-AWS-0107",
+						AVDID:       "AVD-AWS-0107",
 						Title:       "An ingress security group rule allows traffic from /0",
 						Description: "Opening up ports to the public internet is generally to be avoided. You should restrict access to IP addresses or ranges that explicitly require it where possible.",
 						Message:     "Security group rule allows ingress from public internet.",
@@ -312,7 +313,7 @@ terraform-aws-modules/security-group/aws/main.tf (terraform)
 Tests: 6 (SUCCESSES: 5, FAILURES: 1, EXCEPTIONS: 0)
 Failures: 1 (LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 1)

-CRITICAL: Security group rule allows ingress from public internet.
+AVD-AWS-0107 (CRITICAL): Security group rule allows ingress from public internet.
 ════════════════════════════════════════
 Opening up ports to the public internet is generally to be avoided. You should restrict access to IP addresses or ranges that explicitly require it where possible.