/
main.go
95 lines (84 loc) · 2.06 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
// Ovaldebug is a helper for debugging the ovalutil package.
package main
import (
"context"
"flag"
"fmt"
"net/http"
"net/url"
"os"
"path"
"strings"
"github.com/quay/goval-parser/oval"
"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
"github.com/quay/claircore"
"github.com/quay/claircore/libvuln/driver"
"github.com/quay/claircore/pkg/ovalutil"
"github.com/quay/claircore/rhel"
)
func main() {
flavor := flag.String("flavor", "rpm", "OVAL flavor")
flag.Parse()
if flag.NArg() == 0 {
fmt.Fprintln(os.Stderr, "missing required argument(s): database URLs")
flag.Usage()
os.Exit(1)
}
ctx := context.Background()
log.Logger = zerolog.New(zerolog.NewConsoleWriter(func(w *zerolog.ConsoleWriter) { w.Out = os.Stderr })).
Level(zerolog.DebugLevel)
for _, u := range flag.Args() {
u, err := url.Parse(u)
if err != nil {
log.Fatal().Err(err).Send()
}
ext := strings.TrimPrefix(path.Ext(path.Base(u.Path)), ".")
if ext == "xml" {
ext = ""
}
cmp, err := ovalutil.ParseCompressor(ext)
if err != nil {
log.Fatal().Err(err).Send()
}
f := ovalutil.Fetcher{
Compression: cmp,
URL: u,
Client: http.DefaultClient,
}
rc, _, err := f.Fetch(ctx, "")
if err != nil {
log.Fatal().Err(err).Send()
}
defer rc.Close()
var vs []*claircore.Vulnerability
switch *flavor {
case "rpm":
var u driver.Updater
u, err = rhel.NewUpdater("rhel-test", 8, "file:///dev/null")
if err != nil {
log.Fatal().Err(err).Send()
}
vs, err = u.Parse(ctx, rc)
case "debian":
/*
u := debian.NewUpdater(debian.Buster)
vs, err = u.Parse(ctx, rc)
*/
case "ubuntu":
log.Fatal().Str("flavor", *flavor).Msg("ubuntu unsupported in this tool")
case "dpkg":
log.Fatal().Str("flavor", *flavor).Msg("unimplemented oval flavor")
default:
log.Fatal().Str("flavor", *flavor).Msg("unknown oval flavor")
}
if err != nil {
log.Info().Err(err).Msg("error during extraction")
}
_ = vs
}
}
var _ ovalutil.ProtoVulnsFunc = pf
func pf(def oval.Definition) ([]*claircore.Vulnerability, error) {
return nil, nil
}