def GenerateReport(DEBUG, accesskey, secretkey, repo, image, tag):
client = TenableIO(accesskey, secretkey)
# Gather the list of repositories
resp = client.get("container-security/api/v2/reports/" + repo + "/" +
image + "/" + tag)
respdata = json.loads(resp.text)
if DEBUG:
print("Response", respdata)
print("\n\n")
with open("tiocs-report.csv", "w") as csvfile:
fieldnames = [
'cve', 'severity', 'vuln publication date', 'affected packages',
'remediation', 'description'
]
writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
writer.writeheader()
for i in respdata['findings']:
packages = ""
for j in i['packages']:
if packages != "":
packages += "\n"
if DEBUG:
print("Software packages affected", j['name'],
j['version'])
packages = packages + ' ' + str(j['name']) + ' ' + str(
j['version'])
if DEBUG:
print(i)
print("\n\n")
print("Package", i['packages'])
print("NVD Finding", i['nvdFinding'])
print("CVE", i['nvdFinding']['cve'])
print("Severity", i['nvdFinding']['cvss_score'])
print("Remediation", i['nvdFinding']['remediation'])
print("Description", i['nvdFinding']['description'])
print("Vulnerability publication date",
i['nvdFinding']['published_date'])
rowdict = {
'cve': i['nvdFinding']['cve'],
'severity': i['nvdFinding']['cvss_score'],
'vuln publication date': i['nvdFinding']['published_date'],
'remediation': str(i['nvdFinding']['remediation']),
'description': str(i['nvdFinding']['description']),
'affected packages': packages
}
writer.writerow(rowdict)
csvfile.close()
return
tio = TenableIO(tio_access_key, tio_secret_key)
for i in docker_client.containers.list():
#print("Docker container name: ", i.name)
#print("Docker container ID: ", i.id)
#print("Docker short container ID: ", i.short_id)
print("Docker image tags: ", i.image.tags)
print("Docker image ID: ", i.image.id)
print("Docker image short ID: ", i.image.short_id)
image_id = re.search("sha256:([0-9a-f]{12}).*", i.image.id)
if image_id is not None:
print("Image ID:", image_id[1])
querystring = {"image_id": image_id[1]}
url = "container-security/api/v1/reports/by_image"
try:
response = tio.get(url, params=querystring)
json_response = response.json()
print(f"Image risk score: {json_response['risk_score']}")
except NotFoundError:
print("Image not assessed previously by Tenable.io CS")
i.image.tag(f"registry.cloud.tenable.com/{i.image.tags[0]}")
#target_image = docker_client.images.get(f"registry.cloud.tenable.com/{i.image.tags[0]}")
docker_client.images.push(
f"registry.cloud.tenable.com/{i.image.tags[0]}",
auth_config={
"username": tio_access_key,
"password": tio_secret_key
})
print(
f"Image should now be assessed in Tenable.io. Image pushed to registry.cloud.tenable.com/{i.image.tags[0]}"
)
def printuri(list1):
print(color.YELLOW + "Fetching list of Scans..." + color.END)
i = 1
for scan in list1:
print("(" + str(i) + ") Application_URI: " + scan["application_uri"])
i = i + 1
sl.append(scan["scan_id"])
response1 = input(color.YELLOW + "Which scan do you want to analize?: " + color.END)
response1 = int(response1) - 1
id1 = sl[response1]
return id1
url = "was/v2/scans"
querystring = {"ordering":"asc","page":"0","size":"10"}
headers = {'accept': 'application/json'}
resp = tio.get(url, headers=headers, params=querystring)
list1 = json.loads(resp.text)["data"]
if json.loads(resp.text)["total_size"] < 10:
id1 = printuri(list1)
else:
listt = createlist(url,list1,json.loads(resp.text)["total_size"])
id1 = printuri(listt)
url2 = "was/v2/scans/" + id1 + "/vulnerabilities"
headers2 = {'accept': 'application/json'}
querystring2 = {"ordering":"asc","page":"0","size":"10"}
resp2 = tio.get(url2, headers=headers2, params=querystring2)
list2 = json.loads(resp2.text)["data"]
headers3 = {'accept': 'text/plain'}