Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Vulnerability scanning report to the summaryDetails section #1615

Merged
merged 3 commits into from Mar 1, 2024
Merged

Add Vulnerability scanning report to the summaryDetails section #1615

merged 3 commits into from Mar 1, 2024

Conversation

agarcia-oss
Copy link
Contributor

@agarcia-oss agarcia-oss commented Feb 26, 2024
edited

As discussed in #1601, the json output format is missing the scan image results for a --scan-images execution.

This PR includes a new vulnerabilities section in the report's summaryDetails. The vulnerabilities data follows the same format already defined by the convertToImageScanSummary function in prettyprinter

Since the summaryDetail struct needs to be modified, a follow-up PR will be sent with the changes in the opa-utils repository.

The resulting summary should look like this

"summaryDetails": {
      "controls": {
	}
       "status": "failed",
       "frameworks": [
        ],
	"resourcesSeverityCounters"
	"controlsSeverityCounters"
	"ResourceCounters"
	"vulnerabilities": {
           "mapsSeverityToSummary": {
              "Critical": {
              "numberOfCVEs": 15,
              "numberOfFixableCVEs": 6
           },
          "High": {
              "numberOfCVEs": 128,
              "numberOfFixableCVEs": 48
           },
           "Low": {
              "numberOfCVEs": 18,
              "numberOfFixableCVEs": 8
            },
            "Medium": {
               "numberOfCVEs": 156,
               "numberOfFixableCVEs": 77
            },
           "Negligible": {
               "numberOfCVEs": 159,
               "numberOfFixableCVEs": 1
           },
           "Unknown": {
               "numberOfCVEs": 7,
               "numberOfFixableCVEs": 3
            }
         },
         "CVEs": {},
         "packageScores": {},
         "images": {},
}

@agarcia-oss
Add Vulnerability scanning report to the summaryDetails section
547b833 
Signed-off-by: Alfredo Garcia <algarcia@vmware.com>
@agarcia-oss agarcia-oss mentioned this pull request Feb 26, 2024
Merged
@agarcia-oss agarcia-oss marked this pull request as ready for review February 26, 2024 19:50
@dwertent
Copy link
Contributor

@agarcia-oss Thank you for your contribution!
Please bump the opa-utils version and run go mod tidy (you would need to bump in the base directory and in the httphandler directory)

@agarcia-oss
Copy link
Contributor Author

@agarcia-oss Thank you for your contribution! Please bump the opa-utils version and run go mod tidy (you would need to bump in the base directory and in the httphandler directory)

Opa-utils dependencies updated!

dwertent
dwertent approved these changes Mar 1, 2024
View reviewed changes
Copy link
Contributor

@dwertent dwertent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well done :)

@dwertent dwertent merged commit fad8f2b into kubescape:master Mar 1, 2024
4 checks passed
@agarcia-oss agarcia-oss deleted the feature/image-scan-report branch March 1, 2024 13:38
@chenrui333 chenrui333 mentioned this pull request Mar 2, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dwertent dwertent dwertent approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@agarcia-oss @dwertent