From 26853fc9e590df286793835edeca50fada55fc8c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thiago=20Figueir=C3=B3?=
Date: Mon, 25 Jul 2022 11:13:57 +1000
Subject: [PATCH] fix(vuln): GitLab report template

- Upgrade to schema 14.0.6 (https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/v14.0.6/dist/container-scanning-report-format.json).
- Drop unsupported `confidence` property. Currently optional and will be removed by GitLab in schema 15-0-0.
---
 contrib/gitlab.tpl | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/contrib/gitlab.tpl b/contrib/gitlab.tpl
index 2d2958984fe5..40004de04eb0 100644
--- a/contrib/gitlab.tpl
+++ b/contrib/gitlab.tpl
@@ -1,10 +1,11 @@
 {{- /* Template based on https://docs.gitlab.com/ee/user/application_security/container_scanning/#reports-json-format */ -}}
 {
- "version": "2.3",
+ "version": "14.0.6",
 "vulnerabilities": [
 {{- $t_first := true }}
 {{- range . }}
 {{- $target := .Target }}
+ {{ $image := $target | regexFind "^[^:\\s]+" }}
 {{- range .Vulnerabilities -}}
 {{- if $t_first -}}
 {{- $t_first = false -}}
@@ -31,8 +32,6 @@
 {{- else -}}
 "{{ .Severity }}"
 {{- end }},
- {{- /* TODO: Define confidence */}}
- "confidence": "Unknown",
 "solution": {{ if .FixedVersion -}}
 "Upgrade {{ .PkgName }} to {{ .FixedVersion }}"
 {{- else -}}
@@ -51,7 +50,7 @@
 },
 {{- /* TODO: No mapping available - https://github.com/aquasecurity/trivy/issues/332 */}}
 "operating_system": "Unknown",
- "image": "{{ $target }}"
+ "image": "{{ $image }}"
 },
 "identifiers": [
 {
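Review bot: The added `regexFind "^[^:\\s]+"` stops at the first colon, so `$image` loses the tag or digest, and a reference whose registry carries a port (constructed example: `registry.example:5000/app:1.2`) is cut down to the host name alone. Findings from different tags of one image then report the same `image` value, which makes a finding hard to trace back to the artifact that was scanned. If the intent is only to drop what follows the reference in `.Target` (presumably a trailing OS description after a space), stopping at whitespace is enough: `{{- $image := $target | regexFind "^[^\\s]+" }}`. It is also worth checking the result against whatever constraint schema 14.0.6 puts on `location.image`. The action opens with `{{ ` where its neighbours use `{{-`, so it also emits a stray line per target.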
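Review bot: `$image` is placed between hand-written quotes with no JSON encoding, and the pattern from the first hunk excludes only colons and whitespace, so a `"` or `\` in the target still reaches the output. Assuming the template is rendered by Go's text/template, which does no contextual escaping, such a target yields either an invalid report or keys the scanner never intended in what GitLab ingests. Since sprig is evidently loaded (`regexFind`), the value can be encoded instead of quoted: `"image": {{ $image | toJson }}`. The other hand-quoted values visible in this patch, `"{{ .Severity }}"` and the `solution` string in the second hunk, have the same shape but are unchanged context here.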