protecode

package
v1.154.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 28, 2022 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const ReportsDirectory = "protecode"

ReportsDirectory defines the subfolder for the Protecode reports which are generated

Variables

This section is empty.

Functions

func CreateCustomReport

func CreateCustomReport(productName string, productID int, data map[string]int, vulns []Vuln) reporting.ScanReport

func HasFailed

func HasFailed(result ResultData) bool

HasFailed checks the return status of the provided result

func HasSevereVulnerabilities

func HasSevereVulnerabilities(result Result, excludeCVEs string) bool

HasSevereVulnerabilities checks if any non-historic, non-triaged, non-excluded vulnerability has a CVSS score above the defined threshold

func WriteCustomReports

func WriteCustomReports(scanReport reporting.ScanReport, projectName, projectID string) ([]piperutils.Path, error)

func WriteReport

func WriteReport(data ReportData, reportPath string, reportFileName string, result map[string]int, writeToFile func(f string, d []byte, p os.FileMode) error) error

WriteReport ...

Types

type Component

type Component struct {
	Vulns []Vulnerability `json:"vulns,omitempty"`
}

Component the protecode component information

type Options

type Options struct {
	ServerURL string
	Duration  time.Duration
	Username  string
	Password  string
	Logger    *logrus.Entry
}

Options struct which can be used to configure the Protecode struct

type Product

type Product struct {
	ProductID int    `json:"product_id,omitempty"`
	FileName  string `json:"name,omitempty"`
}

Product holds the id of the protecode product

type ProductData

type ProductData struct {
	Products []Product `json:"products,omitempty"`
}

ProductData holds the product information of the protecode product

type Protecode

type Protecode struct {
	// contains filtered or unexported fields
}

Protecode ist the protecode client which is used by the step

func (*Protecode) DeclareFetchURL

func (pc *Protecode) DeclareFetchURL(cleanupMode, group, fetchURL, version string, productID int, replaceBinary bool) *ResultData

DeclareFetchURL configures the fetch url for the protecode scan

func (*Protecode) DeleteScan

func (pc *Protecode) DeleteScan(cleanupMode string, productID int)

DeleteScan deletes if configured the scan on the protecode server

func (*Protecode) LoadExistingProduct

func (pc *Protecode) LoadExistingProduct(group string, fileName string) int

LoadExistingProduct loads the existing product from protecode service

func (*Protecode) LoadReport

func (pc *Protecode) LoadReport(reportFileName string, productID int) *io.ReadCloser

LoadReport loads the report of the protecode scan

func (*Protecode) ParseResultForInflux

func (pc *Protecode) ParseResultForInflux(result Result, excludeCVEs string) (map[string]int, []Vuln)

ParseResultForInflux parses the result from the scan into the internal format

func (*Protecode) PollForResult

func (pc *Protecode) PollForResult(productID int, timeOutInMinutes string) ResultData

PollForResult polls the protecode scan for the result scan

func (*Protecode) SetOptions

func (pc *Protecode) SetOptions(options Options)

SetOptions setter function to set the internal properties of the protecode

func (*Protecode) UploadScanFile

func (pc *Protecode) UploadScanFile(cleanupMode, group, filePath, fileName, version string, productID int, replaceBinary bool) *ResultData

UploadScanFile upload the scan file to the protecode server

func (*Protecode) VerifyProductID

func (pc *Protecode) VerifyProductID(ProductID int) bool

verify provided product id

type ReportData

type ReportData struct {
	Target                      string `json:"target,omitempty"`
	Mandatory                   bool   `json:"mandatory,omitempty"`
	ProductID                   string `json:"productID,omitempty"`
	ServerURL                   string `json:"serverUrl,omitempty"`
	FailOnSevereVulnerabilities bool   `json:"failOnSevereVulnerabilities,omitempty"`
	ExcludeCVEs                 string `json:"excludeCVEs,omitempty"`
	Count                       string `json:"count,omitempty"`
	Cvss2GreaterOrEqualSeven    string `json:"cvss2GreaterOrEqualSeven,omitempty"`
	Cvss3GreaterOrEqualSeven    string `json:"cvss3GreaterOrEqualSeven,omitempty"`
	ExcludedVulnerabilities     string `json:"excludedVulnerabilities,omitempty"`
	TriagedVulnerabilities      string `json:"triagedVulnerabilities,omitempty"`
	HistoricalVulnerabilities   string `json:"historicalVulnerabilities,omitempty"`
	Vulnerabilities             []Vuln `json:"Vulnerabilities,omitempty"`
}

ReportData is representing the data of the step report JSON

type Result

type Result struct {
	ProductID  int         `json:"product_id,omitempty"`
	ReportURL  string      `json:"report_url,omitempty"`
	Status     string      `json:"status,omitempty"`
	Components []Component `json:"components,omitempty"`
}

Result holds the detail information about the protecode result

type ResultData

type ResultData struct {
	Result Result `json:"results,omitempty"`
}

ResultData holds the information about the protecode result

type Triage

type Triage struct {
	ID          int    `json:"id,omitempty"`
	VulnID      string `json:"vuln_id,omitempty"`
	Component   string `json:"component,omitempty"`
	Vendor      string `json:"vendor,omitempty"`
	Codetype    string `json:"codetype,omitempty"`
	Version     string `json:"version,omitempty"`
	Modified    string `json:"modified,omitempty"`
	Scope       string `json:"scope,omitempty"`
	Description string `json:"description,omitempty"`
	User        User   `json:"user,omitempty"`
}

Triage holds the triaging information

type User

type User struct {
	ID        int    `json:"id,omitempty"`
	Email     string `json:"email,omitempty"`
	Girstname string `json:"firstname,omitempty"`
	Lastname  string `json:"lastname,omitempty"`
	Username  string `json:"username,omitempty"`
}

User holds the user information

type Vuln

type Vuln struct {
	Cve        string  `json:"cve,omitempty"`
	Cvss       float64 `json:"cvss,omitempty"`
	Cvss3Score string  `json:"cvss3_score,omitempty"`
}

Vuln holds the inforamtion about the vulnerability

type Vulnerability

type Vulnerability struct {
	Exact  bool     `json:"exact,omitempty"`
	Vuln   Vuln     `json:"vuln,omitempty"`
	Triage []Triage `json:"triage,omitempty"`
}

Vulnerability the protecode vulnerability information

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL