feat: Included extra fields to findings result

Author: Marco Franceschi

src/plugins/policyPack/index.ts

@@ -74,7 +74,7 @@ export default class PolicyPackPlugin extends Plugin {
       }
 
       const {
-        default: { rules = [], entity = 'Custom' },
+        default: { rules = [], entity = 'Custom', extraFields = [] },
       } = (await pluginManager.getPlugin(policyPack)) ?? {}
 
       if (!rules) {
@@ -83,7 +83,7 @@ export default class PolicyPackPlugin extends Plugin {
         )
       }
 
-      return { rules, entity }
+      return { rules, entity, extraFields }
     } catch (error: any) {
       this.logger.error(error)
       this.logger.warn(
@@ -184,11 +184,12 @@ export default class PolicyPackPlugin extends Plugin {
       }
 
       // Initialize RulesEngine
-      const rulesEngine = new RulesEngine(
-        this.provider.name,
-        policyPackPlugin.entity,
-        resourceTypeNamesToFieldsMap
-      )
+      const rulesEngine = new RulesEngine({
+        providerName: this.provider.name,
+        entityName: policyPackPlugin.entity,
+        typenameToFieldMap: resourceTypeNamesToFieldsMap,
+        extraFields: policyPackPlugin.extraFields,
+      })
 
       this.policyPacksPlugins[policyPack] = {
         engine: rulesEngine,

src/rules-engine/index.ts

@@ -18,16 +18,25 @@ export default class RulesProvider implements Engine {
 
   private readonly typenameToFieldMap: { [typeName: string]: string }
 
+  private readonly extraFields: string[]
+
   private readonly providerName
 
   private readonly entityName
 
-  constructor(
-    providerName: string,
-    entityName: string,
+  constructor({
+    providerName,
+    entityName,
+    typenameToFieldMap,
+    extraFields,
+  }: {
+    providerName: string
+    entityName: string
     typenameToFieldMap?: { [tn: string]: string }
-  ) {
-    this.typenameToFieldMap = typenameToFieldMap || {}
+    extraFields?: string[]
+  }) {
+    this.extraFields = extraFields ?? []
+    this.typenameToFieldMap = typenameToFieldMap ?? {}
     this.entityName = entityName
     this.providerName = providerName
   }
@@ -60,6 +69,11 @@ export default class RulesProvider implements Engine {
   ): Promise<RuleFinding> => {
     const finding = await evaluator.evaluateSingleResource(rule, data)
 
+    // Inject extra fields
+    for (const field of this.extraFields) {
+      finding[field] = data.resource[field]
+    }
+
     const connField =
       data.resource.__typename && // eslint-disable-line no-underscore-dangle
       this.typenameToFieldMap[data.resource.__typename] // eslint-disable-line no-underscore-dangle
@@ -201,7 +215,7 @@ export default class RulesProvider implements Engine {
       this.entityName
     }Findings]
     }
-    type ${this.providerName}${this.entityName}Findings @key(fields: "id") {
+    interface baseFinding {
       id: String! @id
       ruleId: String! @search(by: [hash, regexp])
       resourceId: String @search(by: [hash, regexp])
@@ -213,9 +227,17 @@ export default class RulesProvider implements Engine {
       remediation: String @search(by: [hash, regexp])
       references: [String] @search(by: [hash, regexp])
       result: FindingsResult @search
+    }
+    type ${this.providerName}${
+      this.entityName
+    }Findings implements baseFinding  @key(fields: "id") {
       findings: ${this.providerName}Findings  @hasInverse(field: ${
       this.entityName
     }Findings)
+      # extra fields
+      ${this.extraFields.map(
+        field => `${field}: String @search(by: [hash, regexp])`
+      )}
       # connections
        ${Object.keys(this.typenameToFieldMap)
          .map(

tests/rules-engine.test.ts

@@ -36,11 +36,11 @@ const ruleMock = {
 describe('RulesEngine', () => {
   let rulesEngine: Engine
   beforeAll(() => {
-    rulesEngine = new RulesProvider(
+    rulesEngine = new RulesProvider({
       providerName,
       entityName,
-      typenameToFieldMap
-    )
+      typenameToFieldMap,
+    })
   })
   it('Should pass getting the updated schema created dynamically using schemaTypeName and typenameToFieldMap fields', () => {
     const schema = rulesEngine.getSchema()