Class: ForemanCveScanner::CveReportScanner

Inherits:

Object

• Object
• ForemanCveScanner::CveReportScanner

Defined in:

app/services/foreman_cve_scanner/cve_report_scanner.rb

Overview

Parses raw CVE scanner reports and produces unified logs/metrics. rubocop:disable Metrics/ClassLength

Constant Summary

SEVERITY_ORDER =

%w[CRITICAL HIGH MEDIUM LOW UNKNOWN].freeze

Instance Attribute Summary

• #logs ⇒ Object readonly

  Returns the value of attribute logs.

• #status ⇒ Object readonly

  Returns the value of attribute status.

Class Method Summary

• .cve_scanner_report?(raw) ⇒ Boolean
• .detect_scanner(scan_json) ⇒ Object
• .identify_origin(raw) ⇒ Object

Instance Method Summary

• #generate ⇒ Object
• #initialize(raw) ⇒ CveReportScanner constructor

  A new instance of CveReportScanner.

• #metrics ⇒ Object
• #unified_vulnerabilities ⇒ Object

Constructor Details

#initialize(raw) ⇒ CveReportScanner

Returns a new instance of CveReportScanner.

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 17

def initialize(raw)
  @raw_data = raw
  @cve_report_data = generate_unified_vuls
end

Instance Attribute Details

#logs ⇒ Object (readonly)

Returns the value of attribute logs.

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 31

def logs
  @logs
end

#status ⇒ Object (readonly)

Returns the value of attribute status.

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 31

def status
  @status
end

Class Method Details

.cve_scanner_report?(raw) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 13

def self.cve_scanner_report?(raw)
  raw['reporter'] == 'cve_scan'
end

.detect_scanner(scan_json) ⇒ Object

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 37

def self.detect_scanner(scan_json)
  return 'grype' if scan_json.is_a?(Hash) && scan_json.key?('matches')
  return 'trivy' if scan_json.is_a?(Hash) && scan_json.key?('Results')

  'unknown'
end

.identify_origin(raw) ⇒ Object

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 9

def self.identify_origin(raw)
  'CveScanner' if cve_scanner_report?(raw)
end

Instance Method Details

#generate ⇒ Object

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 22

def generate
  @status = {}
  @logs = []
  @cve_report_data.each do |id, cve|
    @logs << generate_log_from_unified(id, cve)
  end
  @logs
end

#metrics ⇒ Object

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 44

def metrics
  known = %w[critical high medium low]
  res = @status.slice(*known)
  res['total'] = res.values.sum
  res
end

#unified_vulnerabilities ⇒ Object

# File 'app/services/foreman_cve_scanner/cve_report_scanner.rb', line 33

def unified_vulnerabilities
  @cve_report_data
end