-
Notifications
You must be signed in to change notification settings - Fork 146
Expand file tree
/
Copy pathlist.go
More file actions
116 lines (104 loc) · 4.13 KB
/
list.go
File metadata and controls
116 lines (104 loc) · 4.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package vulnerability
import (
"fmt"
"github.com/goharbor/go-client/pkg/sdk/v2.0/models"
"github.com/goharbor/harbor-cli/pkg/api"
"github.com/goharbor/harbor-cli/pkg/utils"
vulnlist "github.com/goharbor/harbor-cli/pkg/views/vulnerability/list"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
func ListVulnerabilitiesCommand() *cobra.Command {
var opts api.ListVulnerabilityOptions
cmd := &cobra.Command{
Use: "list",
Short: "List vulnerabilities in Security Hub",
Long: "List vulnerabilities from Harbor Security Hub",
Example: ` harbor vulnerability list`,
Args: cobra.NoArgs,
RunE: func(cmd *cobra.Command, args []string) error {
if opts.PageSize < 0 {
return fmt.Errorf("page size must be greater than or equal to 0")
}
if opts.PageSize > 100 {
return fmt.Errorf("page size should be less than or equal to 100")
}
allVulnerabilities, hasNext, err := fetchVulnerabilities(opts)
if err != nil {
return fmt.Errorf("failed to list vulnerabilities: %v", utils.ParseHarborErrorMsg(err))
}
if len(allVulnerabilities) == 0 {
log.Info("No vulnerabilities found")
return nil
}
formatFlag := viper.GetString("output-format")
if formatFlag != "" {
err = utils.PrintFormat(allVulnerabilities, formatFlag)
if err != nil {
return err
}
} else {
vulnlist.ViewVulnerabilityList(allVulnerabilities, hasNext)
}
return nil
},
}
flags := cmd.Flags()
flags.Int64VarP(&opts.Page, "page", "", 1, "Page number")
flags.Int64VarP(&opts.PageSize, "page-size", "", 10, "Size of per page")
flags.StringVarP(&opts.Q, "query", "q", "", "Filter vulnerabilities with a ',' separated query string like exact k=v and range k=[min~max]")
flags.StringVarP(&opts.CVEID, "cve-id", "", "", "Filter by exact CVE ID")
flags.StringVarP(&opts.CVSSScore, "cvss-score", "", "", "Filter by CVSS v3 score range (e.g. 7.0~10.0) or exact score (e.g. 7.0)")
flags.StringVarP(&opts.Severity, "severity", "", "", "Filter by severity level")
flags.StringVarP(&opts.Repository, "repository", "", "", "Filter by exact repository name")
flags.StringVarP(&opts.ProjectName, "project-name", "", "", "Filter by exact project name")
flags.StringVarP(&opts.Package, "package", "", "", "Filter by exact package name")
flags.StringVarP(&opts.Tag, "tag", "", "", "Filter by exact artifact tag")
flags.StringVarP(&opts.Digest, "digest", "", "", "Filter by exact artifact digest")
flags.StringVarP(&opts.Exclude, "exclude", "", "", "Exclude vulnerabilities using a ',' separated query string (e.g., k=v or k=[min~max])")
flags.BoolVarP(&opts.Fixable, "fixable", "", false, "Only show fixable vulnerabilities")
return cmd
}
func fetchVulnerabilities(opts api.ListVulnerabilityOptions) ([]*models.VulnerabilityItem, bool, error) {
var allVuln []*models.VulnerabilityItem
if opts.PageSize == 0 {
log.Debug("Page size is 0, will fetch all vulnerabilities")
opts.PageSize = 100
opts.Page = 1
for {
response, err := api.ListVulnerabilities(opts)
if err != nil {
return nil, false, fmt.Errorf("failed to list vulnerabilities: %v", utils.ParseHarborErrorMsg(err))
}
if len(response.Payload) == 0 {
break
}
allVuln = append(allVuln, response.Payload...)
opts.Page++
if opts.Page > 10 {
return allVuln, true, nil
}
}
} else {
response, err := api.ListVulnerabilities(opts)
if err != nil {
return nil, false, fmt.Errorf("failed to list vulnerabilities: %v", utils.ParseHarborErrorMsg(err))
}
allVuln = append(allVuln, response.Payload...)
}
return allVuln, false, nil
}