def AddOccurrence(self, occ):
"""Adds occurrences retrieved from containeranalysis API."""
messages = ca_requests.GetMessages()
if occ.kind == messages.Occurrence.KindValueValuesEnum.VULNERABILITY:
self.vulnerability.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.IMAGE:
self.image.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.BUILD:
self.build.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.DEPLOYMENT:
self.deployment.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.DISCOVERY:
self.discovery.AddOccurrence(occ)
def add_record(self, occurrence):
messages = requests.GetMessages()
if (occurrence.kind ==
messages.Occurrence.KindValueValuesEnum.VULNERABILITY):
self.package_vulnerability_summary.add_record(occurrence)
elif occurrence.kind == messages.Occurrence.KindValueValuesEnum.IMAGE:
self.image_basis_summary.add_record(occurrence)
elif occurrence.kind == messages.Occurrence.KindValueValuesEnum.BUILD:
self.build_details_summary.add_record(occurrence)
elif (occurrence.kind ==
messages.Occurrence.KindValueValuesEnum.DEPLOYMENT):
self.deployment_summary.add_record(occurrence)
elif (occurrence.kind ==
messages.Occurrence.KindValueValuesEnum.DISCOVERY):
self.discovery_summary.add_record(occurrence)
def AddOccurrence(self, occ, include_build=True):
"""Adds occurrences retrieved from containeranalysis API."""
messages = ca_requests.GetMessages()
if occ.kind == messages.Occurrence.KindValueValuesEnum.VULNERABILITY:
self.vulnerability.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.IMAGE:
self.image.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.BUILD and occ.build and occ.build.provenance and include_build:
self.build.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.DEPLOYMENT:
self.deployment.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.DISCOVERY:
self.discovery.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.DSSE_ATTESTATION:
self.provenance.AddOccurrence(occ)
elif occ.kind == messages.Occurrence.KindValueValuesEnum.BUILD and occ.build and occ.build.intotoStatement:
self.provenance.AddOccurrence(occ)
def ImagesDescribeView(self):
"""Returns a dictionary representing package vulnerability metadata.
The returned dictionary is used by artifacts docker images describe command.
"""
messages = ca_requests.GetMessages()
view = {}
if self.vulnerabilities:
view['vulnerabilities'] = self.vulnerabilities
for count in self.counts:
# SEVERITY_UNSPECIFIED represents total counts across all serverities
if (count.severity == messages.FixableTotalByDigest.
SeverityValueValuesEnum.SEVERITY_UNSPECIFIED):
view['not_fixed_vulnerability_count'] = (count.totalCount -
count.fixableCount)
view['total_vulnerability_count'] = count.totalCount
break
return view
def ImagesListView(self):
"""Returns a dictionary representing package vulnerability metadata.
The returned dictionary is used by artifacts docker images list command.
"""
messages = ca_requests.GetMessages()
view = {}
if self.vulnerabilities:
view['PACKAGE_VULNERABILITY'] = self.vulnerabilities
vuln_counts = {}
for count in self.counts:
# SEVERITY_UNSPECIFIED represents total counts across all serverities
sev = count.severity
if (sev and sev != messages.FixableTotalByDigest.
SeverityValueValuesEnum.SEVERITY_UNSPECIFIED):
vuln_counts.update(
{sev: vuln_counts.get(sev, 0) + count.totalCount})
if vuln_counts:
view['vuln_counts'] = vuln_counts
return view
def __init__(self):
self.__messages = requests.GetMessages()
self.vulnerabilities = collections.defaultdict(list)