commit 4525225b62fae66972c7b60fd223caea446470ad
author Ivan Udovichenko <iudovichenko@mirantis.com> Tue Apr 14 22:45:53 2020 +0300
committer Ivan Udovichenko <iudovichenko@mirantis.com> Tue Apr 14 22:47:06 2020 +0300
tree 9362940c5406b1ca57393efe74530ee218c9d669
parent 0a8da725c8ae06d825dfd2bcbd057222234a5dc2

Add find_cves_by_severity method to Docker image scanner lib

Change-Id: I8497860799cfdf3b467d5102de4bd0989f16de69
Related-PROD: https://mirantis.jira.com/browse/RE-110

src/com/mirantis/mk/DockerImageScanner.groovy

diff --git a/src/com/mirantis/mk/DockerImageScanner.groovy b/src/com/mirantis/mk/DockerImageScanner.groovy
index 14acc3c..c17bb15 100644
--- a/src/com/mirantis/mk/DockerImageScanner.groovy
+++ b/src/com/mirantis/mk/DockerImageScanner.groovy
@@ -5,23 +5,23 @@
 import groovy.json.JsonSlurper
 
 def callREST (String uri, String auth,
-			  String method = 'GET', String message = null) {
-	String authEnc = auth.bytes.encodeBase64()
-	def req = new URL(uri).openConnection()
-	req.setRequestMethod(method)
-	req.setRequestProperty('Content-Type', 'application/json')
-	req.setRequestProperty('Authorization', "Basic ${authEnc}")
-	if (message) {
-		req.setDoOutput(true)
-		req.getOutputStream().write(message.getBytes('UTF-8'))
-	}
-	Integer responseCode = req.getResponseCode()
-	String responseText = ''
-	if (responseCode == 200 || responseCode == 201) {
-		responseText = req.getInputStream().getText()
-	}
-	req = null
-	return [ 'responseCode': responseCode, 'responseText': responseText ]
+              String method = 'GET', String message = null) {
+    String authEnc = auth.bytes.encodeBase64()
+    def req = new URL(uri).openConnection()
+    req.setRequestMethod(method)
+    req.setRequestProperty('Content-Type', 'application/json')
+    req.setRequestProperty('Authorization', "Basic ${authEnc}")
+    if (message) {
+        req.setDoOutput(true)
+        req.getOutputStream().write(message.getBytes('UTF-8'))
+    }
+    Integer responseCode = req.getResponseCode()
+    String responseText = ''
+    if (responseCode == 200 || responseCode == 201) {
+        responseText = req.getInputStream().getText()
+    }
+    req = null
+    return [ 'responseCode': responseCode, 'responseText': responseText ]
 }
 
 def getTeam (String image = '') {
@@ -260,3 +260,23 @@
             }
     }
 }
+
+def find_cves_by_severity(String reportJsonContent, String Severity) {
+    def cves = []
+    def reportJSON = new JsonSlurper().parseText(reportJsonContent)
+    reportJSON.each{
+        image ->
+            image.value.each{
+                pkg ->
+                    pkg.value.each{
+                        cve ->
+                            if (cve[2]) {
+                                if (cve[1].contains(Severity)) {
+                                    cves.add("${pkg.key} ${cve[0]} (${cve[2]})")
+                                }
+                            }
+                    }
+            }
+    }
+    return cves
+}