#2324 Adapt 'location' attribute in Trivy parser to match a URL format by BorisShek · Pull Request #2725 · secureCodeBox/secureCodeBox · GitHub
Merged
Expand Up @@ -86,7 +86,7 @@ private void setFindingLocation(SecureCodeBoxFinding secureCodeBoxFinding, Defec
URI.create(secureCodeBoxFinding.getLocation());
result.setEndpoints(Collections.singletonList(secureCodeBoxFinding.getLocation()));
} catch (IllegalArgumentException e) {
log.warn("Couldn't parse the secureCodeBox location, because it: {} is not a vailid uri: {}", e, secureCodeBoxFinding.getLocation());
log.warn("Couldn't parse the secureCodeBox location, because it: {} is not a valid uri: {}", e, secureCodeBoxFinding.getLocation());
}
}
}
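Review bot: in the changed log.warn line the two arguments are in the opposite order to the placeholders: the first `{}` ("because it: {} is not a valid uri") receives the exception `e` and the second receives the location, so the rendered message reads as if the exception were the invalid URI. Since the line is already being touched for the typo, consider `log.warn("Couldn't parse the secureCodeBox location '{}', it is not a valid URI", secureCodeBoxFinding.getLocation(), e);` so the location fills the placeholder and the exception comes last, where `{}`-style loggers such as SLF4J and Log4j 2 log it with its stack trace. The location string originates from scan results, so stripping CR/LF from it before logging would also be worth doing here.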
19 changes: 19 additions & 0 deletions scanners/trivy/.helm-docs.gotmpl
Expand Up @@ -85,6 +85,25 @@ One way to avoid that is to [preemptively download](https://aquasecurity.github.
:::

In case only a single scan or very few are run, and you want to avoid the small performance overhead, client/server mode can be disabled by setting `--set="trivyDatabaseCache.enabled=false"` during helm install.

## Parser specifics
Our parser customizes the format of Trivy scan results by using a unique `location` attribute that employs a custom URL format (`scb://trivy/`) with URL parameters. These parameters are extracted from the corresponding scan result file attributes and vary depending on the type of scan performed — either a Kubernetes (K8S) resource scan or a container image scan.

### URL Format Patterns
#### For Kubernetes (K8S) Resource Scans:
`scb://trivy/?ClusterName=<ClusterName>&Namespace=<Namespace>&Kind=<Kind>&Name=<Name>`

##### Parameters:
- ClusterName: The name of the Kubernetes cluster (optional).
- Namespace: The namespace within the cluster (optional).
- Kind: The type of Kubernetes resource (e.g., Deployment, Service, Pod).
- Name: The name of the resource.

#### For Container Image Scans:
`scb://trivy/?ArtifactName=<ArtifactName>`

##### Parameter:
- ArtifactName: The name (and optionally the tag) of the container image.
{{- end }}

{{- define "extra.chartConfigurationSection" -}}
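Review bot: the "URL Format Patterns" section does not say how parameter values are encoded, which matters most for `ArtifactName`: image references commonly contain `/` and `:`, and any value containing `&`, `=` or `#` would change how the query string splits for a consumer. Please state that each value is percent-encoded when the `location` is built and must be decoded when read, and say whether an optional `ClusterName` or `Namespace` is left out of the URL or emitted with an empty value, since the pattern line shows all four parameters. A short concrete example for each scan type would make that unambiguous, and a blank line after the `## Parser specifics` heading would match the rest of the template.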