Merge pull request #21 from lacework-dev/add-polygraph-image

add capability to embed images from filesystem + add polygraph image to csa report

common/__init__.py

@@ -0,0 +1,4 @@
+def bytes_to_image_tag(img_bytes,format):
+	import base64
+	b64content = base64.b64encode(img_bytes).decode('utf-8')
+	return f"<img src='data:image/{format};base64,{b64content}'/>"

generate_report.py

@@ -40,13 +40,18 @@ class _shared:
         def __init__(self):
             import providers.lacework as p_lw
             import providers.lacework_cached as p_lw_cached
+            import providers.local_asset as p_local_asset
             import transformers.lacework as t_lw
             import graphics.lacework.plotly as g_lw_plotly
-
+            import providers.local_asset as p_local_asset
+            import common
+
             self.p_lw = p_lw
             self.p_lw_cached = p_lw_cached
+            self.p_local_asset = p_local_asset
             self.t_lw = t_lw
-            self.g_lw_plotly = g_lw_plotly 
+            self.g_lw_plotly = g_lw_plotly
+            self.common = common
             self._now = datetime.now(timezone.utc)
             self._25_hours_ago = self._now - timedelta(hours = 25)
             self._7_days_ago = self._now - timedelta(days = 7)

graphics/lacework/plotly/__init__.py

@@ -1,6 +1 @@
 from .host_vulns_by_severity_bar import host_vulns_by_severity_bar
-
-def bytes_to_image_tag(img_bytes):
-	import base64
-	b64content = base64.b64encode(img_bytes).decode('utf-8')
-	return f"<img src='data:image/svg+xml;base64,{b64content}'/>"

providers/local_asset/__init__.py

@@ -0,0 +1 @@
+from .local_file import local_file

providers/local_asset/local_file.py

@@ -0,0 +1,4 @@
+def local_file(path):
+	with open(path, "rb") as in_file:
+	    file_bytes = in_file.read()
+	return file_bytes

reports/jinja2/csa_report.html

@@ -111,6 +111,9 @@ <h2>Executive Summary</h2>
 		<li>Accelerate security throughout development with less effort</li>
 	</ul>
 
+	<div>
+		{{ polygraph_graphic_html | safe }}
+	</div>
 	{% if host_vulns_data or container_vulns_data %}
 		<h2>Workload Vulnerability Assessment</h2>
 		<p>

reports/jinja2/csa_report.py

@@ -13,6 +13,9 @@ def generate_report(_shared, report_save_path, use_cached_data):
     container_vulns_data = gather_container_vulns_data(_shared, lw_provider)
     compliance_data = gather_compliance_data(_shared, lw_provider)
 
+    polygraph_graphic_bytes = _shared.p_local_asset.local_file(os.path.join(os.getcwd(), 'assets/lacework/images/polygraph-info.png'))
+    polygraph_graphic_html = _shared.common.bytes_to_image_tag(polygraph_graphic_bytes,'png')
+
     templateLoader = jinja2.FileSystemLoader(searchpath=os.path.dirname(__file__))
     templateEnv = jinja2.Environment(loader=templateLoader, autoescape=True, trim_blocks=True, lstrip_blocks=True)
     TEMPLATE_FILE = "csa_report.html"
@@ -21,6 +24,7 @@ def generate_report(_shared, report_save_path, use_cached_data):
         customer                                   = _shared.cli_data['customer'],
         date                                       = datetime.now().strftime("%A %B %d, %Y"),
         author                                     = _shared.cli_data['author'],
+        polygraph_graphic_html                     = polygraph_graphic_html,
         compliance_data                            = compliance_data,
         host_vulns_data                            = host_vulns_data,
         container_vulns_data                       = container_vulns_data,
@@ -45,7 +49,7 @@ def gather_host_vulns_data(_shared, lw_provider):
 
     # get graphics
     host_vulns_summary_bar_graphic = _shared.g_lw_plotly.host_vulns_by_severity_bar(host_vulns_summary_data, width=750)
-    host_vulns_summary_bar_graphic = _shared.g_lw_plotly.bytes_to_image_tag(host_vulns_summary_bar_graphic)
+    host_vulns_summary_bar_graphic = _shared.common.bytes_to_image_tag(host_vulns_summary_bar_graphic,'svg+xml')
 
     return {
         'hosts_scanned_count': _shared.t_lw.host_vulns_total_evaluated(host_vulns),

reports/jinja2/host_vulns_report.py

@@ -22,7 +22,7 @@ def generate_report(_shared, report_save_path, use_cached_data):
 
     host_vulns_summary = _shared.t_lw.host_vulns_summary(host_vulns)
     host_vulns_summary_bar_graphic = _shared.g_lw_plotly.host_vulns_by_severity_bar(host_vulns_summary, width=720)
-    host_vulns_summary_bar_graphic = _shared.g_lw_plotly.bytes_to_image_tag(host_vulns_summary_bar_graphic)
+    host_vulns_summary_bar_graphic = _shared.common.bytes_to_image_tag(host_vulns_summary_bar_graphic,'svg+xml')
 
     templateLoader = jinja2.FileSystemLoader(searchpath=os.path.dirname(__file__))
     templateEnv = jinja2.Environment(loader=templateLoader, autoescape=True)

reports/test/asset.py

@@ -0,0 +1,28 @@
+import json
+import os
+
+import logging
+logger = logging.getLogger(__name__)
+
+def generate_report(_shared, report_save_path, use_cached_data):
+    import jinja2
+
+    graphic_bytes = _shared.p_local_asset.local_file(os.path.join(os.getcwd(), 'assets/lacework/images/polygraph-info.png'))
+    graphic_html = _shared.common.bytes_to_image_tag(graphic_bytes,'png')
+
+    data = {
+        'graphic': graphic_html
+    }
+
+    templateLoader = jinja2.FileSystemLoader(searchpath=os.path.dirname(__file__))
+    templateEnv = jinja2.Environment(loader=templateLoader, autoescape=True, trim_blocks=True, lstrip_blocks=True)
+    TEMPLATE_FILE = "template.html"
+    template = templateEnv.get_template(TEMPLATE_FILE)
+    html = template.render(
+        data = data
+    )
+
+    logger.info('Saving report to: ' + report_save_path)
+
+    with open(report_save_path, 'w') as file:
+        file.write(html)