Fix asff template for the Message parameter #7391

aliaksxssv · 2024-08-26T13:04:53Z

aliaksxssv
Aug 26, 2024

Description

ASFF report contains a Message field with double quotes inside the value. This makes using jq impossible as it causes error:

parse error: Invalid numeric literal at line XXXX, column XXXX

We need jq to adjust report before submitting to the AWS SecurityHub:

$ cat trivy_raw.asff | jq '.Findings' > trivy_sechub.asff

ASFF report snippet:

"ProductFields": { "Product Name": "Trivy" }, "Resources": [ { "Type": "Other", "Id": "templates/cronjob.yaml", "Partition": "aws", "Region": "", "Details": { "Other": { "Message": "container "helm-cronjob" of cronjob "helm-cronjob" in "default" namespace should specify a seccomp profile", "Filename": "templates/cronjob.yaml", "StartLine": "0", "EndLine": "0" } } } ], "RecordState": "ACTIVE"

Desired Behavior

escape function should be applied as it was done before for the Title field

"Message": "{{ escapeString .Message }}"

Actual Behavior

No escape function

"Message": "{{ .Message }}"

Reproduction Steps

just create trivy report using asff template

Target

None

Scanner

None

Output Format

None

Mode

None

Debug Output

n/a

Operating System

any

Version

0.54.1

Checklist

Run trivy clean --all
Read the troubleshooting

DmitriyLewen · 2024-08-27T02:30:43Z

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix asff template for the Message parameter #7391

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Fix asff template for the Message parameter #7391

aliaksxssv Aug 26, 2024

Description

Desired Behavior

Actual Behavior

Reproduction Steps

Target

Scanner

Output Format

Mode

Debug Output

Operating System

Version

Checklist

Replies: 1 comment

DmitriyLewen Aug 27, 2024 Maintainer

aliaksxssv
Aug 26, 2024

DmitriyLewen
Aug 27, 2024
Maintainer