Merge pull request #20 from lshift/json-output

JSON output
optiopay · Apr 25, 2017 · c379f11 · c379f11
2 parents 60e2082 + 33cbbdf
commit c379f11
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -40,6 +40,8 @@ Default is `Unknown`.
 * `DOCKER_INSECURE` - Allow Klar to access registries with bad SSL certificates. Default is `false`. Clair will 
 need to be booted with `-insecure-tls` for this to work.
 
+* `JSON_OUTPUT` - Output JSON, not plain text. Default is `false`.
+
 Usage:
 
     CLAIR_ADDR=http://localhost CLAIR_OUTPUT=High CLAIR_THRESHOLD=10 DOCKER_USER=me DOCKER_PASSWORD=secret klar postgres:9.5.1

diff --git a/main.go b/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"encoding/json"
 	"fmt"
 	"os"
 	"strconv"
@@ -10,6 +11,11 @@ import (
 	"github.com/optiopay/klar/docker"
 )
 
+type jsonOutput struct {
+	LayerCount      int
+	Vulnerabilities []clair.Vulnerability
+}
+
 var priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1"}
 var store = make(map[string][]clair.Vulnerability)
 
@@ -52,11 +58,17 @@ func main() {
 
 	dockerUser := os.Getenv("DOCKER_USER")
 	dockerPassword := os.Getenv("DOCKER_PASSWORD")
+
 	insecureTLS := false
 	if envInsecure, err := strconv.ParseBool(os.Getenv("DOCKER_INSECURE")); err == nil {
 		insecureTLS = envInsecure
 	}
 
+	useJSONOutput := false
+	if envJSONOutput, err := strconv.ParseBool(os.Getenv("JSON_OUTPUT")); err == nil {
+		useJSONOutput = envJSONOutput
+	}
+
 	image, err := docker.NewImage(os.Args[1], dockerUser, dockerPassword, insecureTLS)
 	if err != nil {
 		fmt.Printf("Can't parse qname: %s", err)
@@ -68,26 +80,39 @@ func main() {
 		fmt.Printf("Can't pull image: %s", err)
 		os.Exit(1)
 	}
+
+	var output = jsonOutput{}
+
 	if len(image.FsLayers) == 0 {
 		fmt.Printf("Can't pull fsLayers")
 		os.Exit(1)
 	} else {
-		fmt.Printf("Analysing %d layers\n", len(image.FsLayers))
+		if useJSONOutput {
+			output.LayerCount = len(image.FsLayers)
+		} else {
+			fmt.Printf("Analysing %d layers\n", len(image.FsLayers))
+		}
 	}
 
 	c := clair.NewClair(clairAddr)
 	vs := c.Analyse(image)
 	groupBySeverity(vs)
-	fmt.Printf("Found %d vulnerabilities \n", len(vs))
 	highSevNumber := len(store["High"]) + len(store["Critical"]) + len(store["Defcon1"])
 
-	iteratePriorities(clairOutput, func(sev string) {
-		for _, v := range store[sev] {
-			fmt.Printf("%s: [%s] \n%s\n%s\n", v.Name, v.Severity, v.Description, v.Link)
-			fmt.Println("-----------------------------------------")
-		}
-	})
-	iteratePriorities(priorities[0], func(sev string) { fmt.Printf("%s: %d\n", sev, len(store[sev])) })
+	if useJSONOutput {
+		output.Vulnerabilities = vs
+		enc := json.NewEncoder(os.Stdout)
+		enc.Encode(output)
+	} else {
+		fmt.Printf("Found %d vulnerabilities \n", len(vs))
+		iteratePriorities(clairOutput, func(sev string) {
+			for _, v := range store[sev] {
+				fmt.Printf("%s: [%s] \n%s\n%s\n", v.Name, v.Severity, v.Description, v.Link)
+				fmt.Println("-----------------------------------------")
+			}
+		})
+		iteratePriorities(priorities[0], func(sev string) { fmt.Printf("%s: %d\n", sev, len(store[sev])) })
+	}
 
 	if highSevNumber > threshold {
 		os.Exit(1)