aboutsummaryrefslogtreecommitdiffstats
path: root/functest_kubernetes/security/security.py
diff options
context:
space:
mode:
authorCédric Ollivier <cedric.ollivier@orange.com>2022-10-14 14:35:19 +0200
committerCédric Ollivier <cedric.ollivier@orange.com>2022-10-14 14:35:19 +0200
commitcf40e38be4d85c235a9d85a15f7fa326ebf356e6 (patch)
treed25f2a3c94bb7390ae4d6753ede8ce5585d800e1 /functest_kubernetes/security/security.py
parentd07e2de81761e72bb8085a7d46f4f0424833d846 (diff)
By default just print all vulnerabilities
It's the behavior expected by RA2. Please change it via testcases.yaml if needed. Change-Id: I84b02fa273f63ea1930bd356739243756032533d Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
Diffstat (limited to 'functest_kubernetes/security/security.py')
-rw-r--r--functest_kubernetes/security/security.py15
1 files changed, 5 insertions, 10 deletions
diff --git a/functest_kubernetes/security/security.py b/functest_kubernetes/security/security.py
index cfbb391e..f03845a4 100644
--- a/functest_kubernetes/security/security.py
+++ b/functest_kubernetes/security/security.py
@@ -147,7 +147,7 @@ class KubeHunter(SecurityTesting):
msg = prettytable.PrettyTable(
header_style='upper', padding_width=5,
field_names=['category', 'vulnerability', 'severity'])
- severity = kwargs.get("severity", "high")
+ severity = kwargs.get("severity", "none")
if severity == "low":
allowed_severity = []
elif severity == "medium":
@@ -156,16 +156,11 @@ class KubeHunter(SecurityTesting):
allowed_severity = ["low", "medium"]
else:
self.__logger.warning(
- "Selecting high as default severity (%s is incorrect)",
- kwargs.get("severity", "high"))
- severity = "high"
- allowed_severity = ["low", "medium"]
+ "Just printing all vulnerabilities as "
+ "no severity criteria given")
+ allowed_severity = ["low", "medium", "high"]
for vulnerability in self.details["vulnerabilities"]:
- if vulnerability["severity"] in allowed_severity:
- self.__logger.warning(
- "Skipping %s (severity is configured as %s)",
- vulnerability["vulnerability"], severity)
- else:
+ if vulnerability["severity"] not in allowed_severity:
self.result = 0
msg.add_row(
[vulnerability["category"], vulnerability["vulnerability"],