mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-12 15:50:15 -08:00
Modify template for GitLab Container Scanning (#387)
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
This commit is contained in:
Takuya N
@@ -1,40 +1,40 @@
|
||||
{{- /* Template based on https://docs.gitlab.com/ee/user/application_security/container_scanning/#reports-json-format */}}
|
||||
{{- /* Template based on https://docs.gitlab.com/ee/user/application_security/container_scanning/#reports-json-format */ -}}
|
||||
{
|
||||
"version": "2.3",
|
||||
{{- range . }}
|
||||
{{- $target := .Target }}
|
||||
"vulnerabilities": [
|
||||
{{- $first := true}}
|
||||
"version": "2.3",
|
||||
"vulnerabilities": [
|
||||
{{- $first := true }}
|
||||
{{- range . }}
|
||||
{{- $target := .Target }}
|
||||
{{- range .Vulnerabilities -}}
|
||||
{{- if $first -}}
|
||||
{{- $first = false -}}
|
||||
{{else -}}
|
||||
,
|
||||
{{- end}}
|
||||
{{ else -}}
|
||||
,
|
||||
{{- end }}
|
||||
{
|
||||
"category": "container_scanning",
|
||||
"message": {{ .Title | printf "%q" }},
|
||||
"description": {{ .Description | printf "%q"}},
|
||||
"description": {{ .Description | printf "%q" }},
|
||||
"cve": "{{ .VulnerabilityID }}",
|
||||
"severity": {{ if eq .Severity "UNKNOWN" -}}
|
||||
"Unknown"
|
||||
{{else if eq .Severity "LOW" -}}
|
||||
{{- else if eq .Severity "LOW" -}}
|
||||
"Low"
|
||||
{{else if eq .Severity "MEDIUM" -}}
|
||||
{{- else if eq .Severity "MEDIUM" -}}
|
||||
"Medium"
|
||||
{{else if eq .Severity "HIGH" -}}
|
||||
{{- else if eq .Severity "HIGH" -}}
|
||||
"High"
|
||||
{{else if eq .Severity "CRITICAL" -}}
|
||||
{{- else if eq .Severity "CRITICAL" -}}
|
||||
"Critical"
|
||||
{{ else -}}
|
||||
"{{ .Severity }}"
|
||||
{{- end }},
|
||||
{{- else -}}
|
||||
"{{ .Severity }}"
|
||||
{{- end }},
|
||||
"confidence": "Unknown",
|
||||
"solution": {{ if .FixedVersion -}}
|
||||
"Upgrade {{ .PkgName }} to {{ .FixedVersion }}",
|
||||
"Upgrade {{ .PkgName }} to {{ .FixedVersion }}"
|
||||
{{- else -}}
|
||||
"No solution provided",
|
||||
{{- end }}
|
||||
"No solution provided"
|
||||
{{- end }},
|
||||
"scanner": {
|
||||
"id": "trivy",
|
||||
"name": "trivy"
|
||||
@@ -43,38 +43,38 @@
|
||||
"dependency": {
|
||||
"package": {
|
||||
"name": "{{ .PkgName }}"
|
||||
},
|
||||
"version": "{{ .InstalledVersion }}"
|
||||
},
|
||||
"version": "{{ .InstalledVersion }}"
|
||||
},
|
||||
{{- /* TODO: No mapping available - https://github.com/aquasecurity/trivy/issues/332 */}}
|
||||
"operating_system": "Unknown",
|
||||
"image": "{{ $target }}"
|
||||
{{- /* TODO: No mapping available - https://github.com/aquasecurity/trivy/issues/332 */}}
|
||||
"operating_system": "Unknown",
|
||||
"image": "{{ $target }}"
|
||||
},
|
||||
"identifiers": [
|
||||
{
|
||||
{
|
||||
{{- /* TODO: Type not extractable - https://github.com/aquasecurity/trivy-db/pull/24 */}}
|
||||
"type": "cve",
|
||||
"name": "{{ .VulnerabilityID }}",
|
||||
"value": "{{ .VulnerabilityID }}",
|
||||
"url": ""
|
||||
}
|
||||
}
|
||||
],
|
||||
"links": [
|
||||
{{ $first := true -}}
|
||||
{{- range .References -}}
|
||||
{{- if $first -}}
|
||||
{{- $first = false -}}
|
||||
{{else -}}
|
||||
,
|
||||
{{ end -}}
|
||||
{
|
||||
{{- $first := true -}}
|
||||
{{- range .References -}}
|
||||
{{- if $first -}}
|
||||
{{- $first = false }}
|
||||
{{- else -}}
|
||||
,
|
||||
{{- end -}}
|
||||
{
|
||||
"url": "{{ . }}"
|
||||
}
|
||||
{{- end }}
|
||||
]
|
||||
}
|
||||
{{- end }}
|
||||
]
|
||||
}
|
||||
{{- end -}}
|
||||
{{- end}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
||||
],
|
||||
"remediations": []
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user