From 83d1f80959307f189bb0e4571f22f2dd0d669354 Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Sat, 26 Dec 2020 08:52:45 +0900 Subject: [PATCH] chore(report): remove stride and hipchat support (#1104) --- config/config.go | 67 +---------------------------------- config/tomlloader.go | 2 -- models/cvecontents.go | 2 +- report/hipchat.go | 74 --------------------------------------- report/report.go | 2 +- report/stride.go | 81 ------------------------------------------- saas/uuid.go | 14 -------- subcmds/discover.go | 10 ------ subcmds/report.go | 12 ------- 9 files changed, 3 insertions(+), 261 deletions(-) delete mode 100644 report/hipchat.go delete mode 100644 report/stride.go diff --git a/config/config.go b/config/config.go index c46508fe2e..53a0a8b70f 100644 --- a/config/config.go +++ b/config/config.go @@ -126,16 +126,12 @@ type Config struct { Syslog SyslogConf `json:"-"` AWS AWS `json:"-"` Azure Azure `json:"-"` - Stride StrideConf `json:"-"` - HipChat HipChatConf `json:"-"` ChatWork ChatWorkConf `json:"-"` Telegram TelegramConf `json:"-"` Saas SaasConf `json:"-"` RefreshCve bool `json:"refreshCve,omitempty"` ToSlack bool `json:"toSlack,omitempty"` - ToStride bool `json:"toStride,omitempty"` - ToHipChat bool `json:"toHipChat,omitempty"` ToChatWork bool `json:"toChatWork,omitempty"` ToTelegram bool `json:"ToTelegram,omitempty"` ToEmail bool `json:"toEmail,omitempty"` @@ -282,18 +278,10 @@ func (c Config) ValidateOnReport() bool { errs = append(errs, slackerrs...) } - if hipchaterrs := c.HipChat.Validate(); 0 < len(hipchaterrs) { - errs = append(errs, hipchaterrs...) - } - if chatworkerrs := c.ChatWork.Validate(); 0 < len(chatworkerrs) { errs = append(errs, chatworkerrs...) } - if strideerrs := c.Stride.Validate(); 0 < len(strideerrs) { - errs = append(errs, strideerrs...) - } - if telegramerrs := c.Telegram.Validate(); 0 < len(telegramerrs) { errs = append(errs, telegramerrs...) } @@ -441,33 +429,6 @@ func (c *SMTPConf) Validate() (errs []error) { return } -// StrideConf is stride config -type StrideConf struct { - HookURL string `json:"-"` - AuthToken string `json:"-"` -} - -// Validate validates configuration -func (c *StrideConf) Validate() (errs []error) { - if !Conf.ToStride { - return - } - - if len(c.HookURL) == 0 { - errs = append(errs, xerrors.New("stride.HookURL must not be empty")) - } - - if len(c.AuthToken) == 0 { - errs = append(errs, xerrors.New("stride.AuthToken must not be empty")) - } - - _, err := valid.ValidateStruct(c) - if err != nil { - errs = append(errs, err) - } - return -} - // SlackConf is slack config type SlackConf struct { HookURL string `valid:"url" json:"-" toml:"hookURL,omitempty"` @@ -511,32 +472,6 @@ func (c *SlackConf) Validate() (errs []error) { return } -// HipChatConf is HipChat config -type HipChatConf struct { - AuthToken string `json:"-"` - Room string `json:"-"` -} - -// Validate validates configuration -func (c *HipChatConf) Validate() (errs []error) { - if !Conf.ToHipChat { - return - } - if len(c.Room) == 0 { - errs = append(errs, xerrors.New("hipchat.room must not be empty")) - } - - if len(c.AuthToken) == 0 { - errs = append(errs, xerrors.New("hipchat.AuthToken must not be empty")) - } - - _, err := valid.ValidateStruct(c) - if err != nil { - errs = append(errs, err) - } - return -} - // ChatWorkConf is ChatWork config type ChatWorkConf struct { APIToken string `json:"-"` @@ -589,7 +524,7 @@ func (c *TelegramConf) Validate() (errs []error) { return } -// SaasConf is stride config +// SaasConf is FutureVuls config type SaasConf struct { GroupID int64 `json:"-"` Token string `json:"-"` diff --git a/config/tomlloader.go b/config/tomlloader.go index d760be2be9..2b4b4e2f06 100644 --- a/config/tomlloader.go +++ b/config/tomlloader.go @@ -21,8 +21,6 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error { } Conf.EMail = conf.EMail Conf.Slack = conf.Slack - Conf.Stride = conf.Stride - Conf.HipChat = conf.HipChat Conf.ChatWork = conf.ChatWork Conf.Telegram = conf.Telegram Conf.Saas = conf.Saas diff --git a/models/cvecontents.go b/models/cvecontents.go index 4e59c69ef5..191ae0baa5 100644 --- a/models/cvecontents.go +++ b/models/cvecontents.go @@ -83,7 +83,7 @@ func (v CveContents) PrimarySrcURLs(lang, myFamily, cveID string) (values []CveC return values } -// PrimarySrcURLs returns link of source +// PatchURLs returns link of patch func (v CveContents) PatchURLs() (urls []string) { cont, found := v[Nvd] if !found { diff --git a/report/hipchat.go b/report/hipchat.go deleted file mode 100644 index 19aa06ad7b..0000000000 --- a/report/hipchat.go +++ /dev/null @@ -1,74 +0,0 @@ -package report - -import ( - "fmt" - "net/http" - "net/url" - "strconv" - "strings" - - "github.com/future-architect/vuls/config" - "github.com/future-architect/vuls/models" -) - -// HipChatWriter send report to HipChat -type HipChatWriter struct{} - -func (w HipChatWriter) Write(rs ...models.ScanResult) (err error) { - conf := config.Conf.HipChat - - for _, r := range rs { - serverInfo := fmt.Sprintf("%s", r.ServerInfo()) - if err = postMessage(conf.Room, conf.AuthToken, serverInfo); err != nil { - return err - } - - for _, vinfo := range r.ScannedCves { - maxCvss := vinfo.MaxCvssScore() - severity := strings.ToUpper(maxCvss.Value.Severity) - if severity == "" { - severity = "?" - } - - message := fmt.Sprintf(` %s
%s (%s)
%s`, - vinfo.CveID, - vinfo.CveID, - strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64), - severity, - vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value, - ) - - if err = postMessage(conf.Room, conf.AuthToken, message); err != nil { - return err - } - } - - } - return nil -} - -func postMessage(room, token, message string) error { - uri := fmt.Sprintf("https://api.hipchat.com/v2/room/%s/notification?auth_token=%s", room, token) - - payload := url.Values{ - "color": {"purple"}, - "message_format": {"html"}, - "message": {message}, - } - reqs, err := http.NewRequest("POST", uri, strings.NewReader(payload.Encode())) - if err != nil { - return err - } - - reqs.Header.Add("Content-Type", "application/x-www-form-urlencoded") - - client := &http.Client{} - - resp, err := client.Do(reqs) - if err != nil { - return err - } - defer resp.Body.Close() - - return nil -} diff --git a/report/report.go b/report/report.go index e608f330b1..c0feb416e7 100644 --- a/report/report.go +++ b/report/report.go @@ -153,7 +153,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode return rs, nil } -// DetectPkgCVEs detects OS pkg cves +// DetectPkgCves detects OS pkg cves func DetectPkgCves(dbclient DBClient, r *models.ScanResult) error { // Pkg Scan if r.Release != "" { diff --git a/report/stride.go b/report/stride.go deleted file mode 100644 index 11e62b140b..0000000000 --- a/report/stride.go +++ /dev/null @@ -1,81 +0,0 @@ -package report - -import ( - "bytes" - "fmt" - "net/http" - - "strconv" - "strings" - - "github.com/future-architect/vuls/config" - "github.com/future-architect/vuls/models" -) - -// StrideWriter send report to Stride -type StrideWriter struct{} -type strideSender struct{} - -func (w StrideWriter) Write(rs ...models.ScanResult) (err error) { - conf := config.Conf.Stride - - for _, r := range rs { - w := strideSender{} - - serverInfo := fmt.Sprintf("%s", r.ServerInfo()) - message := fmt.Sprintf(`{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":" %s "}]}]}}`, - serverInfo, - ) - if err = w.sendMessage(conf.HookURL, conf.AuthToken, message); err != nil { - return err - } - - for _, vinfo := range r.ScannedCves { - maxCvss := vinfo.MaxCvssScore() - severity := strings.ToUpper(maxCvss.Value.Severity) - if severity == "" { - severity = "?" - } - - message = fmt.Sprintf(`{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":" %s ","marks": [ { "type": "link", "attrs": { "href": "https://nvd.nist.gov/vuln/detail/%s", "title": "cve" } } ]}]}]}}`, - vinfo.CveID, - vinfo.CveID, - ) - if err = w.sendMessage(conf.HookURL, conf.AuthToken, message); err != nil { - return err - } - - message = fmt.Sprintf(`{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":" %s (%s) "}]}]}}`, - strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64), - severity, - ) - if err = w.sendMessage(conf.HookURL, conf.AuthToken, message); err != nil { - return err - } - - message = fmt.Sprintf(`{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":" %s "}]}]}}`, - vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value, - ) - if err = w.sendMessage(conf.HookURL, conf.AuthToken, message); err != nil { - return err - } - } - } - return nil -} - -func (w strideSender) sendMessage(uri, token, jsonStr string) error { - reqs, err := http.NewRequest("POST", uri, bytes.NewBuffer([]byte(jsonStr))) - if err != nil { - return err - } - reqs.Header.Add("Content-Type", "application/json") - reqs.Header.Add("Authorization", "Bearer "+token) - client := &http.Client{} - resp, err := client.Do(reqs) - if err != nil { - return err - } - defer resp.Body.Close() - return nil -} diff --git a/saas/uuid.go b/saas/uuid.go index 6bf67d3612..4935e91a84 100644 --- a/saas/uuid.go +++ b/saas/uuid.go @@ -152,16 +152,6 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) { azure = nil } - stride := &c.Conf.Stride - if stride.HookURL == "" { - stride = nil - } - - hipChat := &c.Conf.HipChat - if hipChat.AuthToken == "" { - hipChat = nil - } - chatWork := &c.Conf.ChatWork if chatWork.APIToken == "" { chatWork = nil @@ -184,8 +174,6 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) { Syslog *c.SyslogConf `toml:"syslog"` AWS *c.AWS `toml:"aws"` Azure *c.Azure `toml:"azure"` - Stride *c.StrideConf `toml:"stride"` - HipChat *c.HipChatConf `toml:"hipChat"` ChatWork *c.ChatWorkConf `toml:"chatWork"` Saas *c.SaasConf `toml:"saas"` @@ -203,8 +191,6 @@ func EnsureUUIDs(configPath string, results models.ScanResults) (err error) { Syslog: syslog, AWS: aws, Azure: azure, - Stride: stride, - HipChat: hipChat, ChatWork: chatWork, Saas: saas, diff --git a/subcmds/discover.go b/subcmds/discover.go index 2c73b84aae..4c15dceb5e 100644 --- a/subcmds/discover.go +++ b/subcmds/discover.go @@ -149,16 +149,6 @@ sqlite3Path = "/path/to/go-msfdb.sqlite3" #accountKey = "xxxxxxxxxxxxxx" #containerName = "vuls" -# https://vuls.io/docs/en/usage-settings.html#stride-section -#[stride] -#hookURL = "xxxxxxxxxxxxxxx" -#authToken = "xxxxxxxxxxxxxx" - -# https://vuls.io/docs/en/usage-settings.html#hipchat-section -#[hipchat] -#room = "vuls" -#authToken = "xxxxxxxxxxxxxx" - # https://vuls.io/docs/en/usage-settings.html#chatwork-section #[chatwork] #room = "xxxxxxxxxxx" diff --git a/subcmds/report.go b/subcmds/report.go index 793bfd0b76..687aba6d2d 100644 --- a/subcmds/report.go +++ b/subcmds/report.go @@ -51,8 +51,6 @@ func (*ReportCmd) Usage() string { [-to-email] [-to-http] [-to-slack] - [-to-stride] - [-to-hipchat] [-to-chatwork] [-to-telegram] [-to-localfile] @@ -134,8 +132,6 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) { "Detail report in plain text") f.BoolVar(&c.Conf.ToSlack, "to-slack", false, "Send report via Slack") - f.BoolVar(&c.Conf.ToStride, "to-stride", false, "Send report via Stride") - f.BoolVar(&c.Conf.ToHipChat, "to-hipchat", false, "Send report via hipchat") f.BoolVar(&c.Conf.ToChatWork, "to-chatwork", false, "Send report via chatwork") f.BoolVar(&c.Conf.ToTelegram, "to-telegram", false, "Send report via Telegram") f.BoolVar(&c.Conf.ToEmail, "to-email", false, "Send report via Email") @@ -297,14 +293,6 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{} reports = append(reports, report.SlackWriter{}) } - if c.Conf.ToStride { - reports = append(reports, report.StrideWriter{}) - } - - if c.Conf.ToHipChat { - reports = append(reports, report.HipChatWriter{}) - } - if c.Conf.ToChatWork { reports = append(reports, report.ChatWorkWriter{}) }