Tags: CodeHeeler/kerlescan
Tags
feature: check for "insights" entitlement Previously, we checked all accounts to see if they had smart management entitlements. Instead, check if `ENABLE_SMART_MANAGEMENT_ENTITLEMENT_CHECK` is enabled first. If so, check for "smart_management" in the "entitlements" hash. If it's not enabled, check for "insights". Once this is disabled in all environments, the flag will go away along with the smart mgmt entitlement check code.
error gracefully if identity header is not present We previously were only failing gracefully if the identity header was not present in the entitlement check code. However, not all applications use the entitlement check. This commit adds identity header existence checks to the username logging and RBAC check.
Parse RPM names with insights library Previously, we were parsing RPM names using the `split` method. However, there was a change in the way RPM names were stored in the package profile, and this way of parsing did not work anymore. Instead, parse using `InstalledRpm.from_package`. We handle both the old style (`"0:bash-1.2-3.snes"`) and new style (`"bash-0:1.2-3.snes"`) of package profile now. If we detect `^[0-9]+:` at the beginning, we strip off the epoch and send the rest through to `from_package`. This commit also adds unit tests to kerlescan. The library was tested via **drift-backend**'s tests before, but we are starting to slowly move tests over here.
PreviousNext