From cf40e38be4d85c235a9d85a15f7fa326ebf356e6 Mon Sep 17 00:00:00 2001 From: Cédric Ollivier Date: Fri, 14 Oct 2022 14:35:19 +0200 Subject: By default just print all vulnerabilities MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's the behavior expected by RA2. Please change it via testcases.yaml if needed. Change-Id: I84b02fa273f63ea1930bd356739243756032533d Signed-off-by: Cédric Ollivier --- functest_kubernetes/security/security.py | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) (limited to 'functest_kubernetes/security') diff --git a/functest_kubernetes/security/security.py b/functest_kubernetes/security/security.py index cfbb391e..f03845a4 100644 --- a/functest_kubernetes/security/security.py +++ b/functest_kubernetes/security/security.py @@ -147,7 +147,7 @@ class KubeHunter(SecurityTesting): msg = prettytable.PrettyTable( header_style='upper', padding_width=5, field_names=['category', 'vulnerability', 'severity']) - severity = kwargs.get("severity", "high") + severity = kwargs.get("severity", "none") if severity == "low": allowed_severity = [] elif severity == "medium": @@ -156,16 +156,11 @@ class KubeHunter(SecurityTesting): allowed_severity = ["low", "medium"] else: self.__logger.warning( - "Selecting high as default severity (%s is incorrect)", - kwargs.get("severity", "high")) - severity = "high" - allowed_severity = ["low", "medium"] + "Just printing all vulnerabilities as " + "no severity criteria given") + allowed_severity = ["low", "medium", "high"] for vulnerability in self.details["vulnerabilities"]: - if vulnerability["severity"] in allowed_severity: - self.__logger.warning( - "Skipping %s (severity is configured as %s)", - vulnerability["vulnerability"], severity) - else: + if vulnerability["severity"] not in allowed_severity: self.result = 0 msg.add_row( [vulnerability["category"], vulnerability["vulnerability"], -- cgit 1.2.3-korg