Fix issue #101 (#102)
vasartori authored and hashmap committed May 29, 2018
1 parent ae9dbba commit 3bdb110
Showing 1 changed file with 20 additions and 15 deletions.
35 changes: 20 additions & 15 deletions main.go
Expand Up @@ -27,18 +27,23 @@ func main() {
fail("Invalid options: %s", err)
}

fmt.Fprintf(os.Stderr, "clair timeout %s\n", conf.ClairTimeout)
fmt.Fprintf(os.Stderr, "docker timeout: %s\n", conf.DockerConfig.Timeout)

if !conf.JSONOutput {
fmt.Fprintf(os.Stderr, "clair timeout %s\n", conf.ClairTimeout)
fmt.Fprintf(os.Stderr, "docker timeout: %s\n", conf.DockerConfig.Timeout)
}
whitelist := &vulnerabilitiesWhitelist{}
if (conf.WhiteListFile != "") {
fmt.Fprintf(os.Stderr, "whitelist file: %s\n", conf.WhiteListFile)
if conf.WhiteListFile != "" {
if !conf.JSONOutput {
fmt.Fprintf(os.Stderr, "whitelist file: %s\n", conf.WhiteListFile)
}
whitelist, err = parseWhitelistFile(conf.WhiteListFile)
if err != nil {
fail("Could not parse whitelist file: %s", err)
}
} else {
fmt.Fprintf(os.Stderr, "no whitelist file\n")
if !conf.JSONOutput {
fmt.Fprintf(os.Stderr, "no whitelist file\n")
}
}

image, err := docker.NewImage(&conf.DockerConfig)
Expand Down Expand Up @@ -84,9 +89,9 @@ func main() {

//apply whitelist
numVulnerabilites := len(vs)
vs = filterWhitelist(whitelist,vs)
vs = filterWhitelist(whitelist, vs)
numVulnerabilitiesAfterWhitelist := len(vs)

groupBySeverity(vs)
vsNumber := 0

Expand All @@ -100,20 +105,20 @@ func main() {
} else {
if numVulnerabilitiesAfterWhitelist < numVulnerabilites {
//display how many vulnerabilities were whitelisted
fmt.Printf("Whitelisted %d vulnerabilities\n", numVulnerabilites - numVulnerabilitiesAfterWhitelist)
fmt.Printf("Whitelisted %d vulnerabilities\n", numVulnerabilites-numVulnerabilitiesAfterWhitelist)
}
fmt.Printf("Found %d vulnerabilities\n", len(vs))
iteratePriorities(priorities[0], func(sev string) { fmt.Printf("%s: %d\n", sev, len(store[sev])) })
fmt.Printf("\n")

iteratePriorities(conf.ClairOutput, func(sev string) {
vsNumber += len(store[sev])
for _, v := range store[sev] {
fmt.Printf("%s: [%s] \nFound in: %s [%s]\nFixed By: %s\n%s\n%s\n", v.Name, v.Severity, v.FeatureName, v.FeatureVersion, v.FixedBy, v.Description, v.Link)
fmt.Println("-----------------------------------------")
}
})

}

if vsNumber > conf.Threshold {
Expand Down Expand Up @@ -158,9 +163,9 @@ func vulnsBy(sev string, store map[string][]*clair.Vulnerability) []*clair.Vulne
func filterWhitelist(whitelist *vulnerabilitiesWhitelist, vs []*clair.Vulnerability) []*clair.Vulnerability {
generalWhitelist := whitelist.General
imageWhitelist := whitelist.Images

filteredVs := make([]*clair.Vulnerability, 0, len(vs))

for _, v := range vs {
if _, exists := generalWhitelist[v.Name]; !exists {
//vulnerability is not in the general whitelist, so get the image name by removing ":version" from the value returned via the Clair API
Expand All @@ -171,6 +176,6 @@ func filterWhitelist(whitelist *vulnerabilitiesWhitelist, vs []*clair.Vulnerabil
}
}
}

return filteredVs
}
}
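Review bot: With `conf.JSONOutput` set, the new guards in `main` silence both stderr lines that record whether a whitelist was loaded (`whitelist file: %s` and `no whitelist file`), and the `Whitelisted %d vulnerabilities` count is printed only in the visible non-JSON `else` branch, so a JSON consumer may get no indication that findings were filtered out by `filterWhitelist`. The JSON branch lies outside the hunks shown, so this needs confirming there; if the JSON document does not already carry it, the whitelisted count and the whitelist path should be reported in that output rather than dropped, since a scan gate that hides suppressions is hard to audit. These messages are written to `os.Stderr`, not stdout, so they would only break JSON parsing when the caller merges the two streams; a comment above the first guard such as `// diagnostics are suppressed in JSON mode because callers may merge stderr into stdout` would record why they are silenced.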
