fix(query): refine missing_app_armor_config k8s rule to operate on specific containers

[Churro]

Problem

• The current rule only works on pods
• There is no check whether AppArmor is configured for each container
• There is no check whether the provided AppArmor profile is reasonable

Proposed Changes

• An implementation that addresses the issues described above.

I submit this contribution under the Apache-2.0 license.

[kicsbot]

Scan submitted to Checkmarx

[kicsbot]

Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 5 vulnerabilities
 0 High
 0 Medium
 5 Low
 0 Info

Violation Summary

No policy violation found

[rafaela-soares]

Hi @Churro!

Thank you so much for being so active and contributing to KICS! Your work improved a lot the K8s queries 🚀 We are very grateful!

This PR is almost ready to be another great contribution. For that, the PR should not fail in the unit tests. Please, merge the master in the branch. After that, run the command go test ./test and observe the output of it, please.

It reports that the positive_expected_result.json is incorrect. Can you take a look, please?

[Churro]

@rafaela-soares! You're right, thanks for highlighting these issues. I've addressed them now in another commit and it seems to have helped that the tests can finally run through. Obrigado!

[rafaela-soares]

LGTM 🚀 Muito obrigada, @Churro!