Additional template variables #382

Open
heidemn opened this issue Jan 22, 2020 · 3 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

heidemn commented Jan 22, 2020

The following variables would be useful if available in templates, so that all relevant information is available for archival of the results.

  • Timestamp
  • Trivy version
  • Image tag (currently not available separately, without the OS)
  • Image hash (since the tag might refer to a different image later)

For batch scanning and generating a consolidated view of multiple images, it would also be helpful to use the template for errors.
Internal errors (DB not readable) could still return an error code, but errors like "OS not supported" could use the template and maybe return exit code 0.

Possible extension:
Unfortunately, this change would be downwards-incompatible.
"Targets" is equal to the current output of v0.4.2.

{
  "StartedAt": "2020-01-22T00:39:57Z",
  "TrivyVersion": "0.4.2",
  "ImageTag": "repo.org/image:1.2.3",
  "ImageHash": "sha256:8d31dad0c58f552e890d68bbfb735588b6b820a46e459672d96e585871acc110",
  "Error": null,
  "Targets": [
    {
      "Target": "repo.org/image:1.2.3 (ubuntu 18.04)",
      "Vulnerabilities": [
        {
          "VulnerabilityID": "CVE-2019-13627",
          "PkgName": "libgcrypt20",
          "InstalledVersion": "1.8.1-4ubuntu1.1",
          "FixedVersion": "1.8.1-4ubuntu1.2",
          "Title": "libgcrypt: ECDSA timing attack in the libgcrypt20 cryptographic library",
          "Description": "It was discovered ..",
          "Severity": "MEDIUM",
          "References": [ "url", "url", ... ]
        }
      ]
    }
  ]
}

Error case:

{
  "StartedAt": "2020-01-22T00:39:57Z",
  "TrivyVersion": "0.4.2",
  "ImageTag": "repo.org/image:1.2.3",
  "ImageHash": "sha256:8d31dad0c58f552e890d68bbfb735588b6b820a46e459672d96e585871acc110",
  "Error": "OS not supported",
  "Targets": null
}
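
The batch consolidation this proposal is aimed at, as an added Go example that is not part of the issue thread and is not Trivy code: it decodes reports in the proposed envelope and renders one summary with `text/template`, keeping failed scans visible next to successful ones. The `Report` type, `Consolidate`, the template text and the sample reports are assumptions built from the JSON above.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
	"text/template"
)

// Report decodes the envelope proposed in the issue (hypothetical; not Trivy's own schema).
type Report struct {
	StartedAt, TrivyVersion, ImageTag, ImageHash, Error string // Error: JSON null decodes to ""
	Targets []struct {
		Vulnerabilities []struct{ VulnerabilityID, PkgName, InstalledVersion, FixedVersion, Severity string }
	}
}

// One entry per image, pinned to tag and hash; a failed scan is rendered, not dropped.
const summaryTmpl = `{{range .}}{{.ImageTag}}@{{.ImageHash}} trivy={{.TrivyVersion}} started={{.StartedAt}}
{{if .Error}}  SCAN ERROR: {{.Error}}
{{else}}{{range .Targets}}{{range .Vulnerabilities}}  {{.Severity}} {{.VulnerabilityID}} {{.PkgName}} {{.InstalledVersion}} -> {{.FixedVersion}}
{{end}}{{end}}{{end}}{{end}}`

// Constructed sample reports modelled on the issue's two documents; digests are shortened placeholders.
var samples = []string{
	`{"StartedAt":"2020-01-22T00:39:57Z","TrivyVersion":"0.4.2","ImageTag":"repo.org/image:1.2.3","ImageHash":"sha256:1111",
	"Error":null,"Targets":[{"Vulnerabilities":[{"VulnerabilityID":"CVE-2019-13627","PkgName":"libgcrypt20",
	"InstalledVersion":"1.8.1-4ubuntu1.1","FixedVersion":"1.8.1-4ubuntu1.2","Severity":"MEDIUM"}]}]}`,
	`{"StartedAt":"2020-01-22T00:41:10Z","TrivyVersion":"0.4.2","ImageTag":"repo.org/other:latest","ImageHash":"sha256:2222","Error":"OS not supported","Targets":null}`,
}

// Consolidate renders all reports into one summary and counts the scans that reported an error.
func Consolidate(docs []string) (summary string, failed int, err error) {
	reports := make([]Report, len(docs))
	for i, d := range docs {
		if err := json.Unmarshal([]byte(d), &reports[i]); err != nil {
			return "", 0, fmt.Errorf("report %d: %w", i, err)
		}
		if reports[i].Error != "" {
			failed++
		}
	}
	var out strings.Builder
	err = template.Must(template.New("summary").Parse(summaryTmpl)).Execute(&out, reports)
	return out.String(), failed, err
}

func main() {
	fmt.Println(Consolidate(samples))
}
```

A batch job can use the returned failure count to choose its own exit status while still archiving every image's entry.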
heidemn added the kind/deprecation label Jan 22, 2020
mrueg (Contributor) commented Jan 23, 2020

See also: #332

heidemn (Author) commented Feb 1, 2020

@mrueg thanks, I had missed that one. Added a suggestion there.

knqyf263 added the kind/feature label and removed the kind/deprecation label Apr 30, 2020
@jeff-cook

It would also be nice to have the database version or date.

krol3 added the lifecycle/frozen label Mar 21, 2021
josedonizetti pushed a commit to josedonizetti/trivy that referenced this issue Jun 24, 2022