feat: trivy template for slack #437

krol3 · 2022-08-09T17:59:03Z

A template for slack to support trivy output.

Here the result

krol3 · 2022-08-09T18:02:06Z

rego-templates/vuls-trivy-slack.rego

+    res := flat_array([
+        headers,
+        vln_list("CRITICAL"), 
+     #   vln_list("HIGH"),


@AndreyLevchenko I need to comment the vln_list, this is a [TODO]

simar7 · 2022-08-10T18:17:20Z

Can you ask @AndreyLevchenko or his team to review this before we merge? Looks like some of these rules are duplicated and can be simplified.

simar7 · 2022-09-12T22:15:45Z

Any update on this @krol3?

krol3 · 2022-09-15T02:01:13Z

Any update on this @krol3?

I have a new version, I will test it and update the PR

simar7 · 2022-09-19T19:04:18Z

rego-templates/trivy-vulns-slack.rego

+	severities := ["CRITICAL", "HIGH", "MEDIUM", "low", "negligible"]
+
+	headers := [
+		{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Image name: %s", [input.ArtifactName])}},


Suggested change

{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Image name: %s", [input.ArtifactName])}},

{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Artifact name: %s", [input.ArtifactName])}},

simar7 · 2022-09-19T19:06:06Z

rego-templates/trivy-vulns-slack.rego

+
+title = sprintf("Vulnerability scan report", []) # title is 
+
+aggregation_pkg := "postee.vuls.slack.trivy.aggregation"


is this used?

yeah! It's by default this fields, it's used in the others templates, title := input.image

I understand, did you forget to check in the aggregate package then? Like this

postee/rego-templates/vuls-slack-aggregation.rego

Lines 1 to 28 in f7fdfa7

package postee.vuls.slack.aggregation

import data.postee.flat_array

title := "Vulnerability scan report"

url := urlsResult {

urls := [ scan |

item:=input[i].url

scan:=[item]

]

urlsResult:= concat("\n", flat_array(urls))

}

result := res {

scans := [ scan |

item:=input[i].description #collection is expected

scan:=array.concat([{"type":"section","text":{"type":"mrkdwn","text": input[i].title}}], item)

]

res:= flat_array(scans)

}

I don't see a postee.vuls.slack.trivy.aggregation rego package (file).

ping @krol3?

ok! make sense! I will added

simar7

I tested it out and it looks great! just left a couple of nits and we can merge.

simar7

l(great)tm!

…y#437) Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.24.3 to 0.24.4. - [Release notes](https://github.com/kubernetes/client-go/releases) - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.24.3...v0.24.4) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

krol3 force-pushed the trivy-template branch from ddd8f13 to 76ae586 Compare August 9, 2022 18:00

krol3 commented Aug 9, 2022

View reviewed changes

krol3 requested a review from AndreyLevchenko September 13, 2022 14:36

krol3 force-pushed the trivy-template branch from 76ae586 to 190cc32 Compare September 19, 2022 00:31

krol3 marked this pull request as ready for review September 19, 2022 00:33

krol3 force-pushed the trivy-template branch from 190cc32 to 4b6814f Compare September 19, 2022 00:34

simar7 reviewed Sep 19, 2022

View reviewed changes

simar7 requested changes Sep 19, 2022

View reviewed changes

krol3 requested a review from simar7 September 19, 2022 21:28

simar7 approved these changes Sep 26, 2022

View reviewed changes

krol3 added 3 commits September 26, 2022 13:19

feat: trivy template for slack

88d87be

chore: artifact name

ae4fcf3

chore: add slack aggregation

bc84f50

simar7 force-pushed the trivy-template branch from a43985c to bc84f50 Compare September 26, 2022 20:19

simar7 merged commit 4970234 into aquasecurity:main Sep 26, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: trivy template for slack #437

feat: trivy template for slack #437

krol3 commented Aug 9, 2022 •

edited

Loading

krol3 Aug 9, 2022

simar7 commented Aug 10, 2022

simar7 commented Sep 12, 2022

krol3 commented Sep 15, 2022

simar7 Sep 19, 2022

simar7 Sep 19, 2022

krol3 Sep 19, 2022

simar7 Sep 19, 2022

simar7 Sep 19, 2022

simar7 Sep 22, 2022

krol3 Sep 23, 2022

simar7 left a comment

simar7 left a comment

	{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Image name: %s", [input.ArtifactName])}},
	{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Artifact name: %s", [input.ArtifactName])}},


		title = sprintf("Vulnerability scan report", []) # title is

		aggregation_pkg := "postee.vuls.slack.trivy.aggregation"

	package postee.vuls.slack.aggregation

	import data.postee.flat_array


	title := "Vulnerability scan report"

	url := urlsResult {
	urls := [ scan \|
	item:=input[i].url

	scan:=[item]
	]

	urlsResult:= concat("\n", flat_array(urls))
	}

	result := res {
	scans := [ scan \|
	item:=input[i].description #collection is expected

	scan:=array.concat([{"type":"section","text":{"type":"mrkdwn","text": input[i].title}}], item)
	]

	res:= flat_array(scans)
	}

feat: trivy template for slack #437

feat: trivy template for slack #437

Conversation

krol3 commented Aug 9, 2022 • edited Loading

Choose a reason for hiding this comment

simar7 commented Aug 10, 2022

simar7 commented Sep 12, 2022

krol3 commented Sep 15, 2022

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

simar7 left a comment

Choose a reason for hiding this comment

simar7 left a comment

Choose a reason for hiding this comment

krol3 commented Aug 9, 2022 •

edited

Loading