Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apiserver: Add /report endpoint for CIS reporting #3219

Merged
merged 1 commit into from
Jul 11, 2023
Merged

apiserver: Add /report endpoint for CIS reporting #3219

merged 1 commit into from
Jul 11, 2023

Conversation

stmcginnis
Copy link
Contributor

@stmcginnis stmcginnis commented Jun 21, 2023
edited
Loading

Issue number:

Related #2731

Description of changes:

This adds a new /report endpoint. GETs to this endpoint get a list of the available reports which can then be called directly. Initially this is only /report/cis that can be used to trigger a bloodhound CIS benchmark report, returning the results. The type argument controls which report to run. Right now there is only the CIS report, but this will be expanded in the future as we add other compliance or benchmark reports.

# apiclient -u /report
[{"name":"cis","description":"CIS Bottlerocket Benchmark"}]

The bloodhound options for --level and --format are supported with:

# apiclient -u "/report/cis&level=2&format=json"

Testing done:

# apiclient -u /report
[{"name":"cis","description":"CIS Bottlerocket Benchmark"}]

# apiclient -u /report/cis
Failed GET request to '/report': Status 400 when GETing /report: Report type must be specified

# apiclient -u "/report?type=cis-k8s"
Failed GET request to '/report?type=cis-k8s': Status 422 when GETing /report?type=cis-k8s: Report type 'cis-k8s' is not supported

# apiclient raw -u "/report?type=cis&level=2&format=json"

{...}

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

@stmcginnis
apiserver: Add /report endpoint for CIS reporting
867d912 
This adds a new `/report` endpoint. GETs to this endpoint get a list of
the available reports which can then be called directly. Initially this
is only `/report/cis` that can be used to trigger a bloodhound CIS
benchmark report, returning the results. The type argument controls
which report to run. Right now there is only the CIS report, but this
will be expanded in the future as we add other compliance or benchmark
reports.

```
/report
[{"name":"cis","description":"CIS Bottlerocket Benchmark"}]
```

The bloodhound options for `--level` and `--format` are supported with:

```
/report/cis&level=2&format=json"
```

Signed-off-by: Sean McGinnis <[email protected]>
@stmcginnis stmcginnis mentioned this pull request Jun 30, 2023
Merged
@stmcginnis stmcginnis merged commit 44708b5 into bottlerocket-os:develop Jul 11, 2023
38 checks passed
@stmcginnis stmcginnis deleted the cis-agent-apiserver branch July 11, 2023 20:50
@bcressey
Copy link
Contributor

LGTM!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cbgbt cbgbt cbgbt approved these changes

@etungsten etungsten etungsten approved these changes

@yeazelm yeazelm yeazelm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@stmcginnis @bcressey @cbgbt @etungsten @yeazelm