Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added support to query the aws_ecr_image_scan_finding table using the image_digest query parameter. Closes #2356 #2357

Merged
merged 1 commit into from
Dec 17, 2024
Merged

Added support to query the aws_ecr_image_scan_finding table using the image_digest query parameter. Closes #2356 #2357

merged 1 commit into from
Dec 17, 2024

Conversation

ParthaI
Copy link
Contributor

@ParthaI ParthaI commented Dec 17, 2024

Integration test logs

Logs 
Add passing integration test logs here

Example query results

Results 
> select * from aws_ecr_image_scan_finding where repository_name = 'test'

Error: rpc error: code = Internal desc = aws: rpc error: code = Internal desc = 'List' call for table 'aws_ecr_image_scan_finding' is missing 2 required quals: 
    column:'image_tag' operator: =
    column:'image_digest' operator: =
 (SQLSTATE HV000)

+-----------------+-----------+--------------+------+----------+------------+-------------+-----+-------------------+-------------------------------+-------------------------+---------------------------------+-------+-----------+--------+------------+------------------>
| repository_name | image_tag | image_digest | name | severity | attributes | description | uri | image_scan_status | image_scan_status_description | image_scan_completed_at | vulnerability_source_updated_at | title | partition | region | account_id | sp_connection_nam>
+-----------------+-----------+--------------+------+----------+------------+-------------+-----+-------------------+-------------------------------+-------------------------+---------------------------------+-------+-----------+--------+------------+------------------>
+-----------------+-----------+--------------+------+----------+------------+-------------+-----+-------------------+-------------------------------+-------------------------+---------------------------------+-------+-----------+--------+------------+------------------>


> select * from aws_ecr_image_scan_finding where repository_name = 'test' and image_tag = 'latest'
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->
| repository_name | image_tag | image_digest                                                            | name           | severity      | attributes                                                                                                                        >
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-7008  | LOW           | [{"Key":"CVSS3_SCORE","Value":"5.9"},{"Key":"package_version","Value":"245.4-4ubuntu3.23"},{"Key":"package_name","Value":"systemd">
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2016-20013 | INFORMATIONAL | [{"Key":"CVSS3_SCORE","Value":"7.5"},{"Key":"package_version","Value":"2.31-0ubuntu9.14"},{"Key":"package_name","Value":"glibc"},{>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2013-4235  | LOW           | [{"Key":"CVSS3_SCORE","Value":"4.7"},{"Key":"package_version","Value":"1:4.8.1-1ubuntu5.20.04.5"},{"Key":"package_name","Value":"s>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-26604 | LOW           | [{"Key":"CVSS3_SCORE","Value":"7.8"},{"Key":"package_version","Value":"245.4-4ubuntu3.23"},{"Key":"package_name","Value":"systemd">
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2020-22916 | MEDIUM        | [{"Key":"CVSS3_SCORE","Value":"5.5"},{"Key":"package_version","Value":"5.2.4-1ubuntu1.1"},{"Key":"package_name","Value":"xz-utils">
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2016-2781  | LOW           | [{"Key":"CVSS3_SCORE","Value":"6.5"},{"Key":"package_version","Value":"8.30-3ubuntu2"},{"Key":"package_name","Value":"coreutils"},>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2017-11164 | INFORMATIONAL | [{"Key":"CVSS3_SCORE","Value":"7.5"},{"Key":"package_version","Value":"2:8.39-12ubuntu0.1"},{"Key":"package_name","Value":"pcre3"}>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-29383 | LOW           | [{"Key":"CVSS3_SCORE","Value":"3.3"},{"Key":"package_version","Value":"1:4.8.1-1ubuntu5.20.04.5"},{"Key":"package_name","Value":"s>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2024-2236  | MEDIUM        | [{"Key":"package_version","Value":"1.8.5-5ubuntu1.1"},{"Key":"package_name","Value":"libgcrypt20"}]                               >
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-50495 | LOW           | [{"Key":"CVSS3_SCORE","Value":"6.5"},{"Key":"package_version","Value":"6.2-0ubuntu2.1"},{"Key":"package_name","Value":"ncurses"},{>
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-45918 | LOW           | [{"Key":"package_version","Value":"6.2-0ubuntu2.1"},{"Key":"package_name","Value":"ncurses"}]                                     >
| test            | latest    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2022-3219  | LOW           | [{"Key":"CVSS3_SCORE","Value":"3.3"},{"Key":"package_version","Value":"2.2.19-3ubuntu2.2"},{"Key":"package_name","Value":"gnupg2"}>
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->

Time: 1.8s. Rows returned: 0. Rows fetched: 12. Hydrate calls: 12.

Scans:
  1) aws_ecr_image_scan_finding.aws: Time: 1.0s. Fetched: 12. Hydrates: 12. Quals: repository_name=test, image_tag=latest.

> select * from aws_ecr_image_scan_finding where repository_name = 'test' and image_digest = 'sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54'
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->
| repository_name | image_tag | image_digest                                                            | name           | severity      | attributes                                                                                                                        >
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2020-22916 | MEDIUM        | [{"Key":"CVSS3_SCORE","Value":"5.5"},{"Key":"package_version","Value":"5.2.4-1ubuntu1.1"},{"Key":"package_name","Value":"xz-utils">
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-29383 | LOW           | [{"Key":"CVSS3_SCORE","Value":"3.3"},{"Key":"package_version","Value":"1:4.8.1-1ubuntu5.20.04.5"},{"Key":"package_name","Value":"s>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-45918 | LOW           | [{"Key":"package_version","Value":"6.2-0ubuntu2.1"},{"Key":"package_name","Value":"ncurses"}]                                     >
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-50495 | LOW           | [{"Key":"CVSS3_SCORE","Value":"6.5"},{"Key":"package_version","Value":"6.2-0ubuntu2.1"},{"Key":"package_name","Value":"ncurses"},{>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-26604 | LOW           | [{"Key":"CVSS3_SCORE","Value":"7.8"},{"Key":"package_version","Value":"245.4-4ubuntu3.23"},{"Key":"package_name","Value":"systemd">
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2016-2781  | LOW           | [{"Key":"CVSS3_SCORE","Value":"6.5"},{"Key":"package_version","Value":"8.30-3ubuntu2"},{"Key":"package_name","Value":"coreutils"},>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2023-7008  | LOW           | [{"Key":"CVSS3_SCORE","Value":"5.9"},{"Key":"package_version","Value":"245.4-4ubuntu3.23"},{"Key":"package_name","Value":"systemd">
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2022-3219  | LOW           | [{"Key":"CVSS3_SCORE","Value":"3.3"},{"Key":"package_version","Value":"2.2.19-3ubuntu2.2"},{"Key":"package_name","Value":"gnupg2"}>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2016-20013 | INFORMATIONAL | [{"Key":"CVSS3_SCORE","Value":"7.5"},{"Key":"package_version","Value":"2.31-0ubuntu9.14"},{"Key":"package_name","Value":"glibc"},{>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2017-11164 | INFORMATIONAL | [{"Key":"CVSS3_SCORE","Value":"7.5"},{"Key":"package_version","Value":"2:8.39-12ubuntu0.1"},{"Key":"package_name","Value":"pcre3"}>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2013-4235  | LOW           | [{"Key":"CVSS3_SCORE","Value":"4.7"},{"Key":"package_version","Value":"1:4.8.1-1ubuntu5.20.04.5"},{"Key":"package_name","Value":"s>
| test            | <null>    | sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54 | CVE-2024-2236  | MEDIUM        | [{"Key":"package_version","Value":"1.8.5-5ubuntu1.1"},{"Key":"package_name","Value":"libgcrypt20"}]                               >
+-----------------+-----------+-------------------------------------------------------------------------+----------------+---------------+----------------------------------------------------------------------------------------------------------------------------------->

Time: 1.6s. Rows returned: 0. Rows fetched: 12. Hydrate calls: 12.

Scans:
  1) aws_ecr_image_scan_finding.aws: Time: 392ms. Fetched: 12. Hydrates: 12. Quals: repository_name=test, image_digest=sha256:f900332013e92d5036360e3499e9d4fdab5d08036069107e127daf1ec04f6b54.

@ParthaI ParthaI self-assigned this Dec 17, 2024
@ParthaI ParthaI requested a review from misraved December 17, 2024 06:17
@ParthaI ParthaI linked an issue Dec 17, 2024 that may be closed by this pull request
Add support to query the aws_ecr_image_scan_finding table using the image_digest query parameter. #2356
Closed
@misraved misraved merged commit 9e523fa into main Dec 17, 2024
1 check passed
@misraved misraved deleted the issue-2356 branch December 17, 2024 07:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@misraved misraved misraved approved these changes

Assignees

@ParthaI ParthaI

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support to query the aws_ecr_image_scan_finding table using the image_digest query parameter.
2 participants
@ParthaI @misraved