From 15191931e91abd0577793e9a373570621fc55201 Mon Sep 17 00:00:00 2001 From: Deekshit S Date: Thu, 9 Oct 2025 12:49:51 +0530 Subject: [PATCH 1/2] feat(#460): Implement --disable-appendices flag to hide report tabs --- .gitignore | 4 ++++ cloudsplaining/command/scan.py | 20 ++++++++++++++++++++ cloudsplaining/output/report.py | 6 ++++++ cloudsplaining/output/template.html | 2 ++ 4 files changed, 32 insertions(+) diff --git a/.gitignore b/.gitignore index 2bfbce85..61f994c2 100644 --- a/.gitignore +++ b/.gitignore @@ -226,3 +226,7 @@ dmypy.json # Pyre type checker .pyre/ + +# Temporary output folders for local testing +test-simple/ +test-full/ \ No newline at end of file diff --git a/cloudsplaining/command/scan.py b/cloudsplaining/command/scan.py index cb6689b5..afd85e11 100644 --- a/cloudsplaining/command/scan.py +++ b/cloudsplaining/command/scan.py @@ -104,6 +104,14 @@ is_flag=True, help="Flag risky trust policies in roles.", ) +@click.option( + "-dA", + "--disable-appendices", + required=False, + default=False, + is_flag=True, + help="Disable the Guidance and Appendices tabs in the HTML report.", +) def scan( input_file: str, exclusions_file: str, @@ -114,6 +122,8 @@ def scan( verbosity: int, severity: list[str], flag_trust_policies: bool, + # New argument to disable appendices in the HTML report: + disable_appendices: bool, ) -> None: # pragma: no cover """ Given the path to account authorization details files and the exclusions config file, scan all inline and @@ -152,6 +162,8 @@ def scan( flag_conditional_statements=flag_conditional_statements, flag_resource_arn_statements=flag_resource_arn_statements, flag_trust_policies=flag_trust_policies, + # Dependency injection of new argument to disable appendices in the HTML report: + disable_appendices=disable_appendices, severity=severity, ) html_output_file = os.path.join(output, f"iam-report-{account_name}.html") @@ -185,6 +197,8 @@ def scan( output, write_data_files=True, minimize=minimize, + # dependency injection of new argument to disable appendices in the HTML report: + disable_appendices=disable_appendices, severity=severity, ) html_output_file = os.path.join(output, f"iam-report-{account_name}.html") @@ -235,6 +249,8 @@ def scan_account_authorization_details( flag_resource_arn_statements: bool = ..., flag_trust_policies: bool = ..., severity: list[str] | None = ..., + # New argument to disable appendices in the HTML report: + disable_appendices: bool = ..., ) -> str: ... @@ -250,6 +266,8 @@ def scan_account_authorization_details( flag_resource_arn_statements: bool = False, flag_trust_policies: bool = False, severity: list[str] | None = None, + # New argument to disable appendices in the HTML report: + disable_appendices: bool = False, ) -> str | dict[str, Any]: # pragma: no cover """ Given the path to account authorization details files and the exclusions config file, scan all inline and @@ -280,6 +298,8 @@ def scan_account_authorization_details( account_name=account_name, results=results, minimize=minimize, + # dependency injection of new argument to disable appendices in the HTML report: + disable_appendices=disable_appendices, ) rendered_report = html_report.get_html_report() diff --git a/cloudsplaining/output/report.py b/cloudsplaining/output/report.py index 66e4634f..fd6066d8 100644 --- a/cloudsplaining/output/report.py +++ b/cloudsplaining/output/report.py @@ -25,11 +25,15 @@ def __init__( account_name: str, results: dict[str, dict[str, Any]], minimize: bool = False, + # New argument to disable appendices in the HTML report: + disable_appendices: bool = False, ) -> None: self.account_name = account_name self.account_id = account_id self.report_generated_time = datetime.datetime.now().strftime("%Y-%m-%d") self.minimize = minimize + # dependency injection of new argument to disable appendices in the HTML report: + self.disable_appendices = disable_appendices self.results = f"var iam_data = {json.dumps(results, default=str)}" self.template_config = TemplateConfig() @@ -79,6 +83,8 @@ def get_html_report(self) -> str: appendices_content=self.template_config.appendices_content, show_guidance_nav=self.template_config.show_guidance_nav, show_appendices_nav=self.template_config.show_appendices_nav, + # dependency injection of new argument to disable appendices in the HTML report: + disable_appendices=self.disable_appendices, ) template_path = os.path.dirname(__file__) env = Environment(loader=FileSystemLoader(template_path)) # noqa: S701 diff --git a/cloudsplaining/output/template.html b/cloudsplaining/output/template.html index 4c4dfa47..0c705803 100644 --- a/cloudsplaining/output/template.html +++ b/cloudsplaining/output/template.html @@ -36,12 +36,14 @@ var appendices_content; var show_guidance_nav; var show_appendices_nav; + var disable_appendices; account_id = "{{ t.account_id }}"; account_name = "{{ t.account_name }}"; report_generated_time = "{{ t.report_generated_time }}"; cloudsplaining_version = "{{ t.cloudsplaining_version }}"; show_guidance_nav = "{{ t.show_guidance_nav }}"; show_appendices_nav = "{{ t.show_appendices_nav }}"; + disable_appendices = "{{ t.disable_appendices }}"; guidance_content = "{{ t.guidance_content|safe if t.show_guidance_nav else '' }}"; appendices_content = "{{ t.appendices_content|safe if t.show_appendices_nav else '' }}"; From 0627ab425ca72c5e9c45afc57373f780f9eedb80 Mon Sep 17 00:00:00 2001 From: Deekshit S Date: Thu, 9 Oct 2025 12:53:20 +0530 Subject: [PATCH 2/2] feat(#460): Implement --disable-appendices flag to hide report tabs --- .gitignore | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.gitignore b/.gitignore index 61f994c2..2bfbce85 100644 --- a/.gitignore +++ b/.gitignore @@ -226,7 +226,3 @@ dmypy.json # Pyre type checker .pyre/ - -# Temporary output folders for local testing -test-simple/ -test-full/ \ No newline at end of file