Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker scan - map vulnerabilities to Dockerfile commands #975

Merged
merged 68 commits into from
Oct 5, 2023
Merged

Docker scan - map vulnerabilities to Dockerfile commands #975

merged 68 commits into from
Oct 5, 2023

Conversation

EyalDelarea
Copy link
Contributor

@EyalDelarea EyalDelarea commented Sep 27, 2023
edited
Loading

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • All static analysis checks passed.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.

Enrich jf docker scan results with the origin command to the vulnerability found. And customize the docker scan table with more suitable parameters.

Before:

image

After:

image
Depends on: jfrog/jfrog-client-go#817

@EyalDelarea
Refactor scan to allow the reuse of docker scan
32c823a
@EyalDelarea
stash
da9bd27
@EyalDelarea
pull dev
1a617cf
@EyalDelarea
stash
5e891d7
@EyalDelarea
Init refactor, change calls with crashing tests
0011ffa
@EyalDelarea
pull dev
947f07b
@EyalDelarea
pull dev
59a2513
@EyalDelarea
fix static analysis and change order
a3152b8
@EyalDelarea
refactor
ffa9481
@EyalDelarea
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into re…
6f4ab1a 
…factor_print_table
@EyalDelarea
pull refactor table branch
08373b4
@EyalDelarea
add new table
4c57a72
@EyalDelarea
add set scan type
db07a5f
@EyalDelarea
pull refactor
3fa6ee4
@EyalDelarea
customize docker table output
1d5cf13
@EyalDelarea
pull dev
4d4fbf8
@EyalDelarea
fix static check
3edbbe0
@EyalDelarea
fix static check
0ae9afa
@EyalDelarea
pull dev
343398b
@EyalDelarea
replace to dev
eb06af3
@EyalDelarea
remove predefined binary scan
87a30b3
@EyalDelarea
pull refactor branch
38881b1
@EyalDelarea
change name
f632481
@EyalDelarea
stash progress
8575602
@EyalDelarea
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into re…
455055d 
…factor_print_table
@EyalDelarea
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into im…
113d9e6 
…prove_docker_scan
@EyalDelarea
map commands to line number
7537a30
@EyalDelarea
handle more than one FROM command
391f666
@EyalDelarea
stash docker progress
6ba2220
@EyalDelarea
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-core into re…
32f61cd 
…factor_print_table
sverdlov93
sverdlov93 reviewed Oct 5, 2023
View reviewed changes
xray/commands/scan/scan.go
}()
// Preform Binary scan
extendedScanResults, cleanup, scanErrors, err := scanCmd.binaryScan()
defer cleanup()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cleanup can be nil?

EyalDelarea
EyalDelarea commented Oct 5, 2023
View reviewed changes
xray/utils/resultstable.go
if len(rows[i].FixedVersions) != len(rows[j].FixedVersions) {
return len(rows[i].FixedVersions) > len(rows[j].FixedVersions)
}
return rows[i].ImpactedDependencyName > rows[j].ImpactedDependencyName
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sverdlov93 this will effect the audit as well

added sort by package name after fixed version suggestion

@EyalDelarea EyalDelarea temporarily deployed to frogbot October 5, 2023 10:17 — with GitHub Actions Inactive
@EyalDelarea EyalDelarea requested a review from sverdlov93 October 5, 2023 10:17
@EyalDelarea
Copy link
Contributor Author

@sverdlov93 notice now the sort will show same packages near each other, maybe we should add other sort inside package names by so it will look better.

@EyalDelarea EyalDelarea temporarily deployed to frogbot October 5, 2023 12:21 — with GitHub Actions Inactive
@EyalDelarea EyalDelarea temporarily deployed to frogbot October 5, 2023 14:15 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

github-actions bot commented Oct 5, 2023

@EyalDelarea EyalDelarea merged commit c1b7d32 into jfrog:dev Oct 5, 2023
@BrewTestBot BrewTestBot mentioned this pull request Oct 6, 2023
Merged
yahavi added a commit that referenced this pull request Oct 11, 2023
@yahavi
Revert "Docker scan - map vulnerabilities to Dockerfile commands (#975)"
dd3b2d3 
This reverts commit c1b7d32.
yahavi added a commit that referenced this pull request Oct 11, 2023
@yahavi
Revert "Docker scan - map vulnerabilities to Dockerfile commands (#975)…
a4f38af 
…" (#990)

This reverts commit c1b7d32.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sverdlov93 sverdlov93 Awaiting requested review from sverdlov93

Assignees

@EyalDelarea EyalDelarea

Labels
new feature Automatically generated release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@EyalDelarea @sverdlov93