CR

ShiriMoran · ShiriMoran · commit 9ee9329c39be · 2024-07-09T12:54:23.000+03:00
diff --git a/pkg/linter/lintFilterRuleSplitSubnet.go b/pkg/linter/lintFilterRuleSplitSubnet.go
@@ -41,8 +41,7 @@ func (lint *filterRuleSplitSubnet) lintDescription() string {
 	return "Firewall rules implying different connectivity for different endpoints within a subnet"
 }
 
-func (lint *filterRuleSplitSubnet) check() (bool, error) {
-	lintOK := true
+func (lint *filterRuleSplitSubnet) check() ([]finding, error) {
 	findingRes := []*splitRuleSubnet{}
 	for _, config := range lint.configs {
 		if config.IsMultipleVPCsConfig {
@@ -52,17 +51,16 @@ func (lint *filterRuleSplitSubnet) check() (bool, error) {
 			filterLayer := config.GetFilterTrafficResourceOfKind(layer)
 			rules, err := filterLayer.GetRules()
 			if err != nil {
-				return false, err
+				return nil, err
 			}
 			for _, rule := range rules {
 				subnetsSplitByRule := []vpcmodel.Subnet{}
 				for _, subnet := range config.Subnets {
 					splitSubnet, err := ruleSplitSubnet(subnet, rule.IPBlocks)
 					if err != nil {
-						return false, err
+						return nil, err
 					}
 					if splitSubnet {
-						lintOK = false
 						subnetsSplitByRule = append(subnetsSplitByRule, subnet)
 					}
 				}
@@ -74,7 +72,7 @@ func (lint *filterRuleSplitSubnet) check() (bool, error) {
 		}
 	}
 	lint.findings = findingRes
-	return lintOK, nil
+	return lint.convertToFindings(), nil
 }
 
 func (lint *filterRuleSplitSubnet) string() string {
@@ -103,7 +101,8 @@ func ruleSplitSubnet(subnet vpcmodel.Subnet, ruleIPBlocks []*ipblock.IPBlock) (b
 	return false, nil
 }
 
-func (lint *filterRuleSplitSubnet) getFindings() []finding {
+// todo: is there a better way?
+func (lint *filterRuleSplitSubnet) convertToFindings() []finding {
 	resFinding := make([]finding, len(lint.findings))
 	for i, issue := range lint.findings {
 		resFinding[i] = issue
diff --git a/pkg/linter/linterExecute.go b/pkg/linter/linterExecute.go
@@ -28,11 +28,11 @@ func LinterExecute(configs map[string]*vpcmodel.VPCConfig) (issueFound bool, res
 	strPerLint := []string{}
 	for _, thisLinter := range linters {
 		thisLintStr := ""
-		lintOK, err := thisLinter.check()
+		lintFindings, err := thisLinter.check()
 		if err != nil {
 			return false, "", err
 		}
-		if lintOK {
+		if len(lintFindings) == 0 {
 			thisLintStr = fmt.Sprintf("no lint %q issues\n", thisLinter.lintDescription())
 		} else {
 			issueFound = true
diff --git a/pkg/linter/linterTypes.go b/pkg/linter/linterTypes.go
@@ -10,12 +10,11 @@ import "github.com/np-guard/vpc-network-config-analyzer/pkg/vpcmodel"
 
 // todo: export certain functionality
 type linter interface {
-	check() (bool, error)    // false if issues found
-	lintName() string        // this lint Name
-	lintDescription() string // this string Name
-	string() string          // string with this lint's finding
-	toJSON() []any           // this lint finding in JSON
-	getFindings() []finding
+	check() ([]finding, error) // false if issues found
+	lintName() string          // this lint Name
+	lintDescription() string   // this string Name
+	string() string            // string with this lint's finding
+	toJSON() []any             // this lint finding in JSON
 }
 
 type finding interface {

Original file line number	Diff line number	Diff line change
`@@ -41,8 +41,7 @@ func (lint *filterRuleSplitSubnet) lintDescription() string {`
`41`	`41`	`return "Firewall rules implying different connectivity for different endpoints within a subnet"`
`42`	`42`	`}`
`43`	`43`
`44`		`-func (lint *filterRuleSplitSubnet) check() (bool, error) {`
`45`		`- lintOK := true`
	`44`	`+func (lint *filterRuleSplitSubnet) check() ([]finding, error) {`
`46`	`45`	`findingRes := []*splitRuleSubnet{}`
`47`	`46`	`for _, config := range lint.configs {`
`48`	`47`	`if config.IsMultipleVPCsConfig {`
`@@ -52,17 +51,16 @@ func (lint *filterRuleSplitSubnet) check() (bool, error) {`
`52`	`51`	`filterLayer := config.GetFilterTrafficResourceOfKind(layer)`
`53`	`52`	`rules, err := filterLayer.GetRules()`
`54`	`53`	`if err != nil {`
`55`		`- return false, err`
	`54`	`+ return nil, err`
`56`	`55`	`}`
`57`	`56`	`for _, rule := range rules {`
`58`	`57`	`subnetsSplitByRule := []vpcmodel.Subnet{}`
`59`	`58`	`for _, subnet := range config.Subnets {`
`60`	`59`	`splitSubnet, err := ruleSplitSubnet(subnet, rule.IPBlocks)`
`61`	`60`	`if err != nil {`
`62`		`- return false, err`
	`61`	`+ return nil, err`
`63`	`62`	`}`
`64`	`63`	`if splitSubnet {`
`65`		`- lintOK = false`
`66`	`64`	`subnetsSplitByRule = append(subnetsSplitByRule, subnet)`
`67`	`65`	`}`
`68`	`66`	`}`
`@@ -74,7 +72,7 @@ func (lint *filterRuleSplitSubnet) check() (bool, error) {`
`74`	`72`	`}`
`75`	`73`	`}`
`76`	`74`	`lint.findings = findingRes`
`77`		`- return lintOK, nil`
	`75`	`+ return lint.convertToFindings(), nil`
`78`	`76`	`}`
`79`	`77`
`80`	`78`	`func (lint *filterRuleSplitSubnet) string() string {`
`@@ -103,7 +101,8 @@ func ruleSplitSubnet(subnet vpcmodel.Subnet, ruleIPBlocks []*ipblock.IPBlock) (b`
`103`	`101`	`return false, nil`
`104`	`102`	`}`
`105`	`103`
`106`		`-func (lint *filterRuleSplitSubnet) getFindings() []finding {`
	`104`	`+// todo: is there a better way?`
	`105`	`+func (lint *filterRuleSplitSubnet) convertToFindings() []finding {`
`107`	`106`	`resFinding := make([]finding, len(lint.findings))`
`108`	`107`	`for i, issue := range lint.findings {`
`109`	`108`	`resFinding[i] = issue`