
feat: Add Common Weakness Enumeration (CWE) identifiers to vulnerabil…
…ity report (#146)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
danielpacak committed Dec 14, 2020
1 parent 7c7e834 commit e2d181a
Showing 8 changed files with 25 additions and 13 deletions.
2 changes: 1 addition & 1 deletion Dockerfile
@@ -1,5 +1,5 @@
# That's the only place where you're supposed to specify version of Trivy.
ARG TRIVY_VERSION=0.13.0
ARG TRIVY_VERSION=0.14.0

FROM aquasec/trivy:${TRIVY_VERSION}

4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -5,7 +5,7 @@ go 1.14
require (
github.com/FZambia/sentinel v1.1.0
github.com/caarlos0/env/v6 v6.3.0
github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661
github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible
github.com/docker/go-connections v0.4.0
github.com/gocraft/work v0.5.1
github.com/gomodule/redigo v2.0.0+incompatible
Expand All @@ -15,7 +15,7 @@ require (
github.com/robfig/cron v1.2.0 // indirect
github.com/sirupsen/logrus v1.6.0
github.com/stretchr/testify v1.6.1
github.com/testcontainers/testcontainers-go v0.7.0
github.com/testcontainers/testcontainers-go v0.9.0
golang.org/x/net v0.0.0-20190613194153-d28f0bde5980
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
)
18 changes: 10 additions & 8 deletions go.sum
Expand Up @@ -22,15 +22,17 @@ github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH
github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/containerd/containerd v1.4.1 h1:pASeJT3R3YyVn+94qEPk0SnU1OQ20Jd/T+SPKy9xehY=
github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc h1:TP+534wVlf61smEIq1nwLLAjQVEK2EADoW3CX9AuT+8=
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible h1:dvc1KSkIYTVjZgHf/CTC2diTYC8PzhaA5sFISRfNVrE=
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661 h1:ZuxGvIvF01nfc/G9RJ5Q7Va1zQE2WJyG18Zv3DqCEf4=
github.com/docker/docker v0.7.3-0.20190506211059-b20a14b54661/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible h1:SiUATuP//KecDjpOK2tvZJgeScYAklvyjfK8JZlU6fo=
github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
github.com/docker/go-units v0.3.3 h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk=
Expand All @@ -47,8 +49,8 @@ github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvSc
github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8=
github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA=
github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI=
github.com/go-redis/redis v6.15.8+incompatible h1:BKZuG6mCnRj5AOaWJXoCgf6rqTYnYJLe4en2hxT7r9o=
github.com/go-redis/redis v6.15.8+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
github.com/go-redis/redis v6.15.9+incompatible h1:K0pv1D7EQUjfyoMql+r/jZqCLizCGKFlFgcHWWmHQjg=
github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
Expand All @@ -71,8 +73,8 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
github.com/gorilla/mux v1.7.4 h1:VuZ8uybHlWmqV03+zRzdwKL4tUnIp1MAQtp1mIFE1bc=
Expand Down Expand Up @@ -151,8 +153,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/testcontainers/testcontainers-go v0.7.0 h1:IaAsq5JY49GhDgCUKY87mo6JeOLOwp321iEP/SQjJKE=
github.com/testcontainers/testcontainers-go v0.7.0/go.mod h1:4dloDPrC94+8ebXA+Iei3Jy+gxF6uHQssJkB3mlP9Rg=
github.com/testcontainers/testcontainers-go v0.9.0 h1:ZyftCfROjGrKlxk3MOUn2DAzWrUtzY/mj17iAkdUIvI=
github.com/testcontainers/testcontainers-go v0.9.0/go.mod h1:b22BFXhRbg4PJmeMVWh6ftqjyZHgiIl3w274e9r3C2E=
github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
1 change: 1 addition & 0 deletions pkg/harbor/model.go
Expand Up @@ -133,6 +133,7 @@ type VulnerabilityItem struct {
Links []string `json:"links"`
Layer *Layer `json:"layer"`
CVSS map[string]CVSSInfo `json:"cvss,omitempty"`
CweIDs []string `json:"cwe_ids,omitempty"`
}

type ScannerAdapterMetadata struct {
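Review bot: The new field `CweIDs` has no doc comment even though its tag binds it to the `cwe_ids` wire key, and its name mixes cases inside an initialism where the sibling field `CVSS` keeps it uniform (`CWEIDs` would be the conventional spelling). Renaming would ripple into the transformer and tests in this same commit, so the smaller change is the comment alone, e.g. `// CweIDs lists the Common Weakness Enumeration identifiers (e.g. "CWE-20") for this vulnerability; omitted from the report when empty.` The VulnerabilityItem struct starts outside the hunk.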
1 change: 1 addition & 0 deletions pkg/scan/transformer.go
Expand Up @@ -53,6 +53,7 @@ func (t *transformer) Transform(artifact harbor.Artifact, source trivy.ScanRepor
Links: t.toLinks(v.References),
Layer: t.toHarborLayer(v.Layer),
CVSS: t.toHarborCVSS(v.CVSS),
CweIDs: v.CweIDs,
}
}

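Review bot: `CweIDs: v.CweIDs` hands the Trivy slice straight to the Harbor report, so both structs share one backing array, whereas the neighbouring fields are converted through `t.toLinks`, `t.toHarborLayer` and `t.toHarborCVSS`. That is harmless as long as neither side is mutated afterwards, which I cannot confirm from this hunk; if isolation is wanted, `CweIDs: append([]string(nil), v.CweIDs...),` copies it while keeping a nil input nil, which the `omitempty` tag on the Harbor field then drops (go.mod declares go 1.14, so `slices.Clone` is not an option). Transform begins and ends outside the hunk.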
9 changes: 8 additions & 1 deletion pkg/scan/transformer_test.go
Expand Up @@ -6,7 +6,6 @@ import (

"github.com/aquasecurity/harbor-scanner-trivy/pkg/harbor"
"github.com/aquasecurity/harbor-scanner-trivy/pkg/trivy"

"github.com/stretchr/testify/assert"
)

Expand Down Expand Up @@ -55,6 +54,10 @@ func TestTransformer_Transform(t *testing.T) {
V3Score: 5.5,
},
},
CweIDs: []string{
"CWE-20",
"CWE-1289",
},
},
{
VulnerabilityID: "CVE-0000-0002",
Expand Down Expand Up @@ -154,6 +157,10 @@ func TestTransformer_Transform(t *testing.T) {
V3Score: 5.5,
},
},
CweIDs: []string{
"CWE-20",
"CWE-1289",
},
},
{
ID: "CVE-0000-0002",
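Review bot: The fixture only exercises a vulnerability that carries two CWE ids; nothing in the added lines pins the behaviour when the key is absent from Trivy's JSON, which leaves the slice nil and should then be omitted from the Harbor report. If the CVE-0000-0002 entry visible at the hunk edge (its body lies outside the hunk) leaves CweIDs unset on both the input and the expected side, that already covers the case implicitly and a short comment saying so would make the intent explicit; otherwise such a case is worth adding. TestTransformer_Transform starts and ends outside both hunks.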
1 change: 1 addition & 0 deletions pkg/trivy/model.go
Expand Up @@ -47,6 +47,7 @@ type Vulnerability struct {
References []string `json:"References"`
Layer *Layer `json:"Layer"`
CVSS map[string]CVSSInfo `json:"CVSS"`
CweIDs []string `json:"CweIDs"`
}

func ScanReportFrom(reportFile io.Reader) (report ScanReport, err error) {
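Review bot: The new `CweIDs` field has no doc comment, and unlike the Harbor-side field its tag carries no `omitempty`, which is fine for a struct that appears to be only decoded by ScanReportFrom but is worth stating so the asymmetry is not "fixed" later. A comment such as `// CweIDs holds the CWE identifiers Trivy attaches to the vulnerability; the slice is nil when the report does not contain the key.` documents the contract. The Vulnerability struct begins outside the hunk and ScanReportFrom continues past it.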
2 changes: 1 addition & 1 deletion test/component/component_test.go
Expand Up @@ -22,7 +22,7 @@ import (
)

var (
trivyScanner = harbor.Scanner{Name: "Trivy", Vendor: "Aqua Security", Version: "0.13.0"}
trivyScanner = harbor.Scanner{Name: "Trivy", Vendor: "Aqua Security", Version: "0.14.0"}
)

const (
