Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: trivy template for slack #437

Merged
merged 3 commits into from
Sep 26, 2022
Merged

feat: trivy template for slack #437

merged 3 commits into from
Sep 26, 2022

Conversation

krol3
Copy link
Contributor

@krol3 krol3 commented Aug 9, 2022
edited
Loading

A template for slack to support trivy output.

Here the result

Screen Shot 2022-09-18 at 21 32 33

Thanks @AndreyLevchenko

krol3
krol3 commented Aug 9, 2022
View reviewed changes
rego-templates/vuls-trivy-slack.rego Outdated
res := flat_array([
headers,
vln_list("CRITICAL"),
# vln_list("HIGH"),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AndreyLevchenko I need to comment the vln_list, this is a [TODO]

@simar7
Copy link
Member

simar7 commented Aug 10, 2022

Can you ask @AndreyLevchenko or his team to review this before we merge? Looks like some of these rules are duplicated and can be simplified.

@simar7
Copy link
Member

simar7 commented Sep 12, 2022

Any update on this @krol3?

@krol3
Copy link
Contributor Author

krol3 commented Sep 15, 2022

Any update on this @krol3?

I have a new version, I will test it and update the PR

@krol3 krol3 marked this pull request as ready for review September 19, 2022 00:33
simar7
simar7 reviewed Sep 19, 2022
View reviewed changes
rego-templates/trivy-vulns-slack.rego Outdated
severities := ["CRITICAL", "HIGH", "MEDIUM", "low", "negligible"]

headers := [
{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Image name: %s", [input.ArtifactName])}},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Image name: %s", [input.ArtifactName])}},
{"type": "section", "text": {"type": "mrkdwn", "text": sprintf("Artifact name: %s", [input.ArtifactName])}},

simar7
simar7 reviewed Sep 19, 2022
View reviewed changes
rego-templates/trivy-vulns-slack.rego

title = sprintf("Vulnerability scan report", []) # title is

aggregation_pkg := "postee.vuls.slack.trivy.aggregation"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah! It's by default this fields, it's used in the others templates, title := input.image

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand, did you forget to check in the aggregate package then? Like this

postee/rego-templates/vuls-slack-aggregation.rego

Lines 1 to 28 in f7fdfa7

package postee.vuls.slack.aggregation
import data.postee.flat_array
title := "Vulnerability scan report"
url := urlsResult {
urls := [ scan |
item:=input[i].url
scan:=[item]
]
urlsResult:= concat("\n", flat_array(urls))
}
result := res {
scans := [ scan |
item:=input[i].description #collection is expected
scan:=array.concat([{"type":"section","text":{"type":"mrkdwn","text": input[i].title}}], item)
]
res:= flat_array(scans)
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see a postee.vuls.slack.trivy.aggregation rego package (file).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ping @krol3?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok! make sense! I will added

simar7
simar7 requested changes Sep 19, 2022
View reviewed changes
Copy link
Member

@simar7 simar7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested it out and it looks great! just left a couple of nits and we can merge.

@krol3 krol3 requested a review from simar7 September 19, 2022 21:28
simar7
simar7 approved these changes Sep 26, 2022
View reviewed changes
Copy link
Member

@simar7 simar7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

l(great)tm!

@simar7 simar7 merged commit 4970234 into aquasecurity:main Sep 26, 2022
kairi003 pushed a commit to kairi003/postee that referenced this pull request Oct 18, 2022
@dependabot
build(deps): bump k8s.io/client-go from 0.24.3 to 0.24.4 (aquasecurit…
ed5a483 
…y#437)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.24.3 to 0.24.4.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.24.3...v0.24.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simar7 simar7 simar7 approved these changes

@AndreyLevchenko AndreyLevchenko Awaiting requested review from AndreyLevchenko

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@krol3 @simar7