paser-group/KubeSec

Enhancement: Adopt JSONPath for KubeSec Parser

hanyanghu opened this issue · 2 comments

To pinpoint locations of entities in a YAML file, JSONPath is the standard query language for JSON, but it can also be used for YAML. With JSONPath, many tools support fetching line numbers automatically, such as yq (https://mikefarah.gitbook.io/yq/operators/line).

Currently, KubeSec identifies entities using a custom expression language (e.g., "metadata.doc.yaml.6"). Adopt JSONPath in the KubeSec parser. Then, each static analysis alert can be identified by one (in most cases) or many JSONPaths. Use yq to fetch line numbers using the Python subprocess module.

Introduction material:
https://support.smartbear.com/alertsite/docs/monitors/api/endpoint/jsonpath.html

JSONPath playground:
https://jsonpath.com/

Assignee: @shazibulislam

Addressed the issue in pull request #15
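One way to wire up the yq lookup proposed in this issue, as an added example that is not KubeSec's code or the code from the pull request. It assumes mikefarah's yq v4 is on PATH and handles only a small JSONPath subset (`$`, `.name`, `[N]`, `[*]`); the function names and the sample manifest are constructed for illustration.

```python
import re
import shutil
import subprocess
import tempfile

# Constructed sample manifest (not from the KubeSec repository).
SAMPLE = """\
kind: Pod
spec:
  containers:
    - name: app
      securityContext:
        privileged: true
"""

# JSONPath subset handled here (an assumption of this example): $  .name  [N]  [*]
_STEP = re.compile(r"\.([A-Za-z_]\w*)|\[(\d+)\]|\[(\*)\]")

def jsonpath_to_yq(jsonpath):
    """Translate a simple JSONPath into a yq v4 expression that ends in `| line`."""
    if not jsonpath.startswith("$"):
        raise ValueError("JSONPath must start with '$'")
    rest, pos, expr = jsonpath[1:], 0, ""
    while pos < len(rest):
        m = _STEP.match(rest, pos)
        if m is None:
            # Reject other syntax so manifest-derived text cannot add yq operators.
            raise ValueError(f"unsupported JSONPath near {rest[pos:]!r}")
        name, index, _star = m.groups()
        expr += f".{name}" if name else f"[{index}]" if index else "[]"
        pos = m.end()
    # yq paths start with '.', so "$" becomes "." and "$[0]" becomes ".[0]".
    return (expr if expr.startswith(".") else "." + expr) + " | line"

def yq_argv(jsonpath, yaml_file, yq_bin="yq"):
    """Argument vector for subprocess: a list, so no shell parses the path."""
    return [yq_bin, jsonpath_to_yq(jsonpath), yaml_file]

def lines_for(jsonpath, yaml_file):
    """Line numbers yq reports per match; yq prints 0 when it has no line data."""
    done = subprocess.run(yq_argv(jsonpath, yaml_file), capture_output=True,
                          text=True, check=True, timeout=10)
    return [int(t) for t in done.stdout.split() if t.isdigit() and t != "0"]

if __name__ == "__main__" and shutil.which("yq"):
    with tempfile.NamedTemporaryFile("w", suffix=".yaml") as f:
        f.write(SAMPLE)
        f.flush()
        print(lines_for("$.spec.containers[0].securityContext.privileged", f.name))
```

Keys that need quoting in yq (for example annotation names containing dots or slashes) fall outside this subset and are rejected rather than passed through.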