{"id":34030756,"url":"https://github.com/prancer-io/cloud-validation-framework","last_synced_at":"2026-04-09T03:33:21.884Z","repository":{"id":38373879,"uuid":"169119722","full_name":"prancer-io/cloud-validation-framework","owner":"prancer-io","description":"prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment","archived":false,"fork":false,"pushed_at":"2026-03-02T06:58:46.000Z","size":3681,"stargazers_count":122,"open_issues_count":19,"forks_count":30,"subscribers_count":101,"default_branch":"master","last_synced_at":"2026-03-02T07:47:44.286Z","etag":null,"topics":["cloud","cloudsecurity","governance","iac","sca","security"],"latest_commit_sha":null,"homepage":"https://www.prancer.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/prancer-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-02-04T17:38:18.000Z","updated_at":"2026-03-02T06:58:50.000Z","dependencies_parsed_at":"2024-01-01T11:27:39.268Z","dependency_job_id":"213cad75-3bce-4e8e-b9e9-8be8c8da1bb4","html_url":"https://github.com/prancer-io/cloud-validation-framework","commit_stats":{"total_commits":1292,"total_committers":28,"mean_commits":"46.142857142857146","dds":0.8003095975232198,"last_synced_commit":"17bb3ac2be40dd54fd62147c23df4c11afb7bf89"},"previous_names":[],"tags_count":219,"template":false,"template_full_name":null,"purl":"pkg:github/prancer-io/cloud-validation-framework","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prancer-io%2Fcloud-validation-framework","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prancer-io%2Fcloud-validation-framework/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prancer-io%2Fcloud-validation-framework/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prancer-io%2Fcloud-validation-framework/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/prancer-io","download_url":"https://codeload.github.com/prancer-io/cloud-validation-framework/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prancer-io%2Fcloud-validation-framework/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31584606,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-08T14:31:17.711Z","status":"online","status_checked_at":"2026-04-09T02:00:06.848Z","response_time":112,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud","cloudsecurity","governance","iac","sca","security"],"created_at":"2025-12-13T18:03:25.976Z","updated_at":"2026-04-09T03:33:21.876Z","avatar_url":"https://github.com/prancer-io.png","language":"Python","readme":"\n## Introduction\nPrancer is a pre-deployment and post-deployment multi-cloud security platform for your Infrastructure as Code (IaC) and live cloud resources. It shifts the security to the left and provides end-to-end security scanning based on the Policy as Code concept. DevOps engineers can use it for static code analysis on IaC to find security drifts and maintain their cloud security posture with continuous compliance features. you can get more information from our website at : https://www.prancer.io\n\n## prerequisites\n- Linux-based OS\n- Python 3.6.8 / 3.8 or 3.9\n- mongo database (optional)\n\n\n \u003e Note: mongo database is not a hard requirement to run prancer basic platform. It is possible to run the framework and write all the outputs to the file system. To learn more, you can review [prancer documentation](https://docs.prancer.io/configuration/config/)\n\n# Running Prancer from the code\nYou can run Prancer Basic Platform from your file system or the database. There are three modes available:\n - `--db NONE` It means all the files are expected to be on the file system, and the results also will be written on the file system.\n - `--db SNAPSHOT` It means all the configuration files and output files will be written on the filesystem. but the resource snapshots are being kept in the database\n - `--db FULL` It means all the configuration files and snapshots are stored in the database\n  \n## Running Prancer with no database\n\n- Clone the Prancer repository at `https://github.com/prancer-io/cloud-validation-framework.git`\n- `cd cloud-validation-framework`\n- Install the dependent packages as present in requirements.txt `pip3 install -r requirements.txt`\n- export the following variables:\n\n  ```\n  export BASEDIR=`pwd`\n  export PYTHONPATH=$BASEDIR/src\n  export FRAMEWORKDIR=$BASEDIR\n  ```\n  \n- Run the sample scenario from the filesystem: `python3 utilities/validator.py gitScenario --db NONE`\n- Review the result `cat realm/validation/gitScenario/output-test.json`\n\n\u003e For more scenarios, visit our `Hello World` application at : https://github.com/prancer-io/prancer-hello-world\n\n## Running Prancer with no database in a virtual environment\n  `git clone https://github.com/prancer-io/cloud-validation-framework.git`\n\n  `cd cloud-validation-framework`\n  \n  make sure python virtual environment is installed and set up. (https://docs.python.org/3/tutorial/venv.html)\n\n  `python3 -m venv tutorial-env`\n\n  `source tutorial-env/bin/activate`\n\n  `pip install -r requirements.txt`\n  \n  export the following variables:\n\n  ```\n  export BASEDIR=`pwd`\n  export PYTHONPATH=$BASEDIR/src\n  export FRAMEWORKDIR=$BASEDIR\n  ```\n\nRun the sample scenario from the filesystem: `python utilities/validator.py gitScenario --db NONE`\n\nReview the result `cat realm/validation/gitScenario/output-test.json`\n\n## How to run `crawler`\nWhenever you have the master snapshot configuration files available, you need to first run the `crawler`. Crawler finds individual objects from the target provider based on the master snapshot configuration file guidance. And generate snapshot configuration files that contains the reference to individual objects. You can crawl a target environment by specifying `--crawler` to your command.\n\n`python utilities/validator.py gitScenario --db NONE --crawler`\n\nTo understand more about the crawling, check our documentation at : https://docs.prancer.io/crawler/crawler-definition/\n\n## How to upload files to database and run prancer from database\nFirst, make sure you have the MongoDB up and running. you can refer to this documentation from MongoDB: https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu/ \n\nEdit config.ini and add these lines if they are not already there\n```\n  [MONGODB]\n  dburl = mongodb://localhost:27017/validator\n  dbname = validator\n  COLLECTION = resources\n  SNAPSHOT = snapshots\n  TEST = tests\n  STRUCTURE = structures\n  MASTERSNAPSHOT = mastersnapshots\n  MASTERTEST = mastertests\n  OUTPUT = outputs\n  NOTIFICATIONS = notifications\n```\n\nYou can use `populate_json.py` file in the `utilities` folder to upload files from filesystem to mongodb: \n\n**upload connectors**\n\n`python utilities/populate_json.py scenario-pass --file connector.json`\n\nCheck the DB's `structures` collection to make sure the connector is uploaded successfully.\n\n**upload snapshots**\n\n`python utilities/populate_json.py scenario-pass --file snapshot.json`\n\nCheck the DB's `snapshots` collection to make sure the snapshot is uploaded successfully.\n\n**upload tests**\n\n`python utilities/populate_json.py scenario-pass --file test.json`\n\nCheck the DB's tests collection to make sure the test is uploaded successfully.\n\n\u003e Note: You can do the same for the scenario fail.\n\nNow you can run the framework from the database:\n`python utilities/validator.py scenario-fail --db FULL`\n\nCheck the DB's `webserver` and `outputs` collection in mongoDB to see the results.\n\n\n## what are the environment variables\nWe have three environment variables that need to be set before running the code.\n\n```\nexport BASEDIR=`pwd`\nexport PYTHONPATH=$BASEDIR/src\nexport FRAMEWORKDIR=$BASEDIR\n```\n`BASEDIR` is the base directory for the codebase. It is the folder you have cloned your git repository to.\n\n`PYTHONPATH` is where the code resides. It is in the `src` folder inside the cloned directory.\n\n`FRAMEWORKDIR` is where the configuration files available. We expect `config.ini` available in this directory. other folders are referenced in the `config.ini`\n\n# Debugging with VSCode\nMake sure these files exists under `.vscode` folder\n - launch.json\n - settings.json\n\nThe content of these files are as follows:\n\n`launch.json`\n```\n{\n    \"version\": \"0.2.0\",\n    \"configurations\": [\n        {\n            \"env\": {\n                \"BASEDIR\": \"${workspaceFolder}\",\n                \"PYTHONPATH\": \"${workspaceFolder}/src\",\n                \"FRAMEWORKDIR\": \"${workspaceFolder}\"\n            },\n            \"name\": \"Python: Current File\",\n            \"type\": \"python\",\n            \"request\": \"launch\",\n            \"program\": \"${file}\",\n            \"console\": \"integratedTerminal\",\n            \"python\": \"${command:python.interpreterPath}\",\n            \"args\": [\n                \"gitScenario\"\n            ]\n        }\n    ]\n}\n```\nIn the `args` attribute, you will put the name of the `collection` you want to run the code for. For example, we have a `gitScenario` you can use for testing purposes.\n\n`settings.json`\n```\n{\n    \"python.pythonPath\": \"testenv/bin/python\"\n}\n```\nIn `python.pythonPath` file you put the path to your python. In the above example, we are using a virtual python environment `testenv`\n\n\u003e Note : These files already available in our repository and you can modify them based on your requirements.\n\nThis document helps you how to do debugging of Python applications in VSCode : https://code.visualstudio.com/docs/python/debugging\n\n## Further documentation\nTo learn more about the Prancer Platform, review our [documentation site](https://docs.prancer.io)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprancer-io%2Fcloud-validation-framework","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprancer-io%2Fcloud-validation-framework","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprancer-io%2Fcloud-validation-framework/lists"}