/*
Copyright 2024 Drewbernetes.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package trivy
import (
"time"
)
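// Severity is used to parse the value from a report into a programmatic value that can be used for comparisons later.
// The string values are the upper-case severities Trivy writes into the
// "Severity" field. The constants are listed from least to most severe; that
// order is what ParseSeverity relies on, so keep it in step with severityOrder.
type Severity string

const (
	UNKNOWN  Severity = "UNKNOWN"
	LOW      Severity = "LOW"
	MEDIUM   Severity = "MEDIUM"
	HIGH     Severity = "HIGH"
	CRITICAL Severity = "CRITICAL"
)

// severityOrder is the single source of truth for which severities exist and
// how they rank (index 0 is the least severe). ValidSeverity and ParseSeverity
// both read it, so the two can no longer drift apart.
var severityOrder = []Severity{UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL}

//// CheckSeverity compares two severities to see if a threshold has been met. IE: is sev: HIGH >= check: MEDIUM.
//// NOTE: retained for reference only. It calls parseSeverity, which is not
//// defined in this file; ValidSeverity and ParseSeverity below are the live API.
//func CheckSeverity(sev, threshold Severity) bool {
//	var sevValue, thresholdValue int
//	sevValue = parseSeverity(sev)
//	thresholdValue = parseSeverity(threshold)
//
//	return sevValue >= thresholdValue
//}

// severityIndex returns the rank of val in severityOrder, or -1 when val is
// not a known severity. The comparison is an exact, case-sensitive string
// match: "high" is not HIGH.
func severityIndex(val Severity) int {
	for i, s := range severityOrder {
		if s == val {
			return i
		}
	}
	return -1
}

// ValidSeverity confirms that the supplied value is a valid severity value.
// Only the exact upper-case spellings in severityOrder are accepted; callers
// that take a threshold from configuration or user input should call this
// first so that a typo is reported instead of silently changing the filter.
func ValidSeverity(val Severity) bool {
	return severityIndex(val) >= 0
}

// ParseSeverity takes a Severity and returns everything from that severity value upwards as a string slice.
// For MEDIUM it returns ["MEDIUM", "HIGH", "CRITICAL"]; for UNKNOWN it returns
// every severity. The slice is freshly allocated on each call, so callers may
// modify it.
//
// An unrecognised value previously produced a negative slice index and a
// runtime panic. It now fails closed: the full list is returned, so a
// misspelt threshold widens the filter rather than silently dropping findings
// or crashing the scanner. Validate with ValidSeverity beforehand if a bad
// threshold should be surfaced as an error instead.
func ParseSeverity(val Severity) []string {
	start := severityIndex(val)
	if start < 0 {
		// Fail closed: treat an unknown threshold as the most inclusive one.
		start = 0
	}
	out := make([]string, 0, len(severityOrder)-start)
	for _, s := range severityOrder[start:] {
		out = append(out, string(s))
	}
	return out
}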
// ScanFailedReport is a reduced view of a single vulnerability: the
// identifiers, installed/fixed versions and CVSS data, without the layer,
// reference and date fields that Vulnerabilities carries. Its tags match the
// corresponding Trivy field names. Presumably it is built for findings that
// cause a scan to be marked as failed — confirm against the caller that
// populates it.
type ScanFailedReport struct {
	VulnerabilityID  string `json:"VulnerabilityID"`
	Description      string `json:"Description"` // free text from the vulnerability database; escape before rendering into HTML
	PkgName          string `json:"PkgName"`
	InstalledVersion string `json:"InstalledVersion"`
	Severity         string `json:"Severity"` // raw string; pass through ValidSeverity before comparing with the Severity constants
	Cvss             CVSS   `json:"CVSS"`     // per-source pointers inside are nil when that source is absent
	FixedVersion     string `json:"FixedVersion"` // empty when the report carries no value; presumably "no fix published" — confirm
}
// Report and all its sub-structs is used to unmarshal the json reports into a usable format.
// The capitalised tags mirror the key names in Trivy's JSON output. The
// lower-case "name" and "short_name" tags are not part of that output and are
// presumably filled in by this tool when a report is loaded — confirm with the
// loader. Any key in the input with no matching field here is silently
// discarded by encoding/json; a time field that is not RFC 3339 makes the
// whole Unmarshal return an error.
type Report struct {
	Name          string `json:"name"`
	ShortName     string `json:"short_name"`
	SchemaVersion int    `json:"SchemaVersion"` // Trivy's report schema version; worth checking before trusting the layout below
	ArtifactName  string `json:"ArtifactName"`  // the image/path as given to the scanner; scanner-supplied text
	ArtifactType  string `json:"ArtifactType"`
	Metadata      struct {
		Os struct {
			Family string `json:"Family"`
			Name   string `json:"Name"`
		} `json:"OS"`
		ImageConfig struct {
			Architecture string    `json:"architecture"`
			Created      time.Time `json:"created"` // must be RFC 3339; otherwise Unmarshal of the whole report fails
			Os           string    `json:"os"`
			Rootfs       struct {
				Type    string `json:"type"`
				DiffIds any    `json:"diff_ids"` // untyped: a JSON array decodes to []any; type-assert before use
			} `json:"rootfs"`
			// Empty struct: everything under "config" — the image's runtime
			// configuration, which can include environment variables and
			// therefore secrets baked into the image — is dropped on
			// unmarshal and never retained in the parsed report.
			Config struct {
			} `json:"config"`
		} `json:"ImageConfig"`
	} `json:"Metadata"`
	Results []struct {
		Target          string            `json:"Target"` // scanner-supplied text; escape before rendering into HTML
		Class           string            `json:"Class"`
		Type            string            `json:"Type"`
		Vulnerabilities []Vulnerabilities `json:"Vulnerabilities"` // nil when the result has no such key; len() is safe on nil
		Secrets         []Secrets         `json:"Secrets"`         // nil when the result has no such key
	} `json:"Results"`
}
// CVSS stores all the score data from different sources within the Trivy report.
// Each field is a pointer so that a source missing from the report stays nil
// instead of decoding to an all-zero Score; nil-check before dereferencing.
// The tags are the lower-case source keys as they appear in the report.
type CVSS struct {
	Ghsa   *Score `json:"ghsa"`
	Nvd    *Score `json:"nvd"`
	Redhat *Score `json:"redhat"`
}
// Score contains the score values and vectors from a Trivy report.
// A score key absent from the report leaves the float64 at 0, which is
// indistinguishable from a genuine 0.0. To decide whether a score is present,
// test the matching vector string for non-emptiness rather than the number,
// otherwise an unscored finding can be mis-triaged as harmless. Values are
// taken from the report as-is; nothing here checks they lie in 0–10.
type Score struct {
	V2Vector string  `json:"V2Vector"` // CVSS v2 vector string; empty when not supplied
	V3Vector string  `json:"V3Vector"` // CVSS v3 vector string; empty when not supplied
	V2Score  float64 `json:"V2Score"`
	V3Score  float64 `json:"V3Score"`
}
// Vulnerabilities contains the vulnerability information from a Trivy report.
// Title, Description, PrimaryURL, References and DataSource.URL are free text
// supplied by the vulnerability database: treat them as untrusted and escape
// them before rendering into HTML or a terminal.
type Vulnerabilities struct {
	VulnerabilityID  string `json:"VulnerabilityID"` // advisory identifier as issued by the data source
	PkgID            string `json:"PkgID"`
	PkgName          string `json:"PkgName"`
	InstalledVersion string `json:"InstalledVersion"`
	// NOTE(review): the tag here is lower-case "layer" whereas Secrets uses
	// "Layer". Decoding works either way because encoding/json matches keys
	// case-insensitively, but json.Marshal of this struct emits "layer", so a
	// re-encoded report does not round-trip with Trivy's own casing.
	Layer struct {
		Digest string `json:"Digest"`
		DiffID string `json:"DiffID"`
	} `json:"layer"`
	SeveritySource string `json:"SeveritySource"` // presumably names the data source the Severity below came from — confirm
	PrimaryURL     string `json:"PrimaryURL"`
	DataSource     struct {
		ID   string `json:"ID"`
		Name string `json:"Name"`
		URL  string `json:"URL"`
	} `json:"DataSource"`
	Title            string    `json:"Title"`
	Description      string    `json:"Description"`
	Severity         string    `json:"Severity"` // raw string; pass through ValidSeverity before comparing with the Severity constants
	CweIDs           []string  `json:"CweIDs"`   // nil when absent
	Cvss             CVSS      `json:"CVSS"`
	References       []string  `json:"References"`       // nil when absent
	PublishedDate    time.Time `json:"PublishedDate"`    // RFC 3339 required; a malformed value fails the whole Unmarshal
	LastModifiedDate time.Time `json:"LastModifiedDate"` // zero time when absent; compare with IsZero, not ==
	FixedVersion     string    `json:"FixedVersion"`     // empty when absent; presumably "no fix published" — confirm
}
// Secrets contains the secret information from a Trivy report.
// Match, Code.Lines.Content and Code.Lines.Highlighted hold the text that the
// secret-detection rule matched and may contain the credential itself or part
// of it. Do not log, persist or forward these fields verbatim; redact them in
// any rendered output and keep the parsed report itself access-controlled.
type Secrets struct {
	RuleID    string `json:"RuleID"` // identifier of the detection rule that fired
	Category  string `json:"Category"`
	Severity  string `json:"Severity"` // raw string; pass through ValidSeverity before comparing with the Severity constants
	Title     string `json:"Title"`
	StartLine int    `json:"StartLine"` // presumably the line span of the match within the scanned file — confirm
	EndLine   int    `json:"EndLine"`
	Code      struct {
		Lines []struct {
			Number      int    `json:"Number"`
			Content     string `json:"Content"` // SENSITIVE: a source line that may include the secret
			IsCause     bool   `json:"IsCause"`
			Annotation  string `json:"Annotation"`
			Truncated   bool   `json:"Truncated"`
			Highlighted string `json:"Highlighted"` // SENSITIVE: presumably a rendered form of Content; treat identically
			FirstCause  bool   `json:"FirstCause"`
			LastCause   bool   `json:"LastCause"`
		} `json:"Lines"`
	} `json:"Code"`
	Match string `json:"Match"` // SENSITIVE: the matched text
	Layer struct {
		Digest string `json:"Digest"`
		DiffID string `json:"DiffID"`
	} `json:"Layer"` // upper-case tag, unlike the "layer" tag on Vulnerabilities
}
// Month is used in reports parsing. It is contained within a Year and contains multiple trivy.Report(s).
// Reports is keyed by string (presumably a report name or day — confirm with
// the loader) and stores Report values, not pointers, so an entry must be
// written back after modification. The zero Month has a nil map: construct it
// with make before inserting or the write panics. Map iteration order is
// random; sort the keys when output must be deterministic.
type Month struct {
	Reports map[string]Report
}
// Year is used in reports parsing. It is the top level and contains multiple Month(s).
// Months is keyed by string (presumably a month name or number — confirm with
// the loader) and stores Month values, not pointers; modify a copy and write it
// back. The zero Year has a nil map: construct it with make before inserting or
// the write panics. Iteration order is random; sort keys for stable output.
type Year struct {
	Months map[string]Month
}