Skip to content

Commit

Permalink
plugins/cvelib: new plugin for CVE Services API
Browse files Browse the repository at this point in the history
The CVE Services API allows CVE Numbering Authorities (CNAs) to reserve,
publish, and manage CVE IDs.  This plugin sets the environment variables
required to use the reference cvelib implementation of the API.

See also: https://www.cve.org/AllResources/CveServices
          https://github.com/RedHatProductSecurity/cvelib
          https://vulnogram.github.io/cve5/#cvePortal
  • Loading branch information
ppaeps committed Apr 9, 2024
1 parent 39ed88f commit 40147f9
Show file tree
Hide file tree
Showing 3 changed files with 96 additions and 0 deletions.
49 changes: 49 additions & 0 deletions plugins/cvelib/api_key.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
package cvelib

import (
"github.com/1Password/shell-plugins/sdk"
"github.com/1Password/shell-plugins/sdk/importer"
"github.com/1Password/shell-plugins/sdk/provision"
"github.com/1Password/shell-plugins/sdk/schema"
"github.com/1Password/shell-plugins/sdk/schema/credname"
"github.com/1Password/shell-plugins/sdk/schema/fieldname"
)

func APIKey() schema.CredentialType {
return schema.CredentialType{
Name: credname.APIKey,
DocsURL: sdk.URL("https://github.com/RedHatProductSecurity/cvelib"),
ManagementURL: sdk.URL("https://vulnogram.github.io/cve5/#cvePortal"),
Fields: []schema.CredentialField{
{
Name: fieldname.User,
MarkdownDescription: "User to authenticate to CVE Services API (CVE user).",
},
{
Name: fieldname.Organization,
MarkdownDescription: "Organization to authenticate to CVE Services API (CNA short name).",
},
{
Name: fieldname.APIKey,
MarkdownDescription: "API Key used to authenticate to CVE Services API (CNA API key).",
Secret: true,
Composition: &schema.ValueComposition{
Length: 36,
Charset: schema.Charset{
Lowercase: true,
Digits: true,
},
},
},
},
DefaultProvisioner: provision.EnvVars(defaultEnvVarMapping),
Importer: importer.TryAll(
importer.TryEnvVarPair(defaultEnvVarMapping),
)}
}

var defaultEnvVarMapping = map[string]sdk.FieldName{
"CVE_USER": fieldname.User,
"CVE_ORG": fieldname.Organization,
"CVE_API_KEY": fieldname.APIKey,
}
25 changes: 25 additions & 0 deletions plugins/cvelib/cve.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
package cvelib

import (
"github.com/1Password/shell-plugins/sdk"
"github.com/1Password/shell-plugins/sdk/needsauth"
"github.com/1Password/shell-plugins/sdk/schema"
"github.com/1Password/shell-plugins/sdk/schema/credname"
)

func CVEServicesAPICLI() schema.Executable {
return schema.Executable{
Name: "CVE Services API CLI",
Runs: []string{"cve"},
DocsURL: sdk.URL("https://github.com/RedHatProductSecurity/cvelib"),
NeedsAuth: needsauth.IfAll(
needsauth.NotForHelpOrVersion(),
needsauth.NotWithoutArgs(),
),
Uses: []schema.CredentialUsage{
{
Name: credname.APIKey,
},
},
}
}
22 changes: 22 additions & 0 deletions plugins/cvelib/plugin.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
package cvelib

import (
"github.com/1Password/shell-plugins/sdk"
"github.com/1Password/shell-plugins/sdk/schema"
)

func New() schema.Plugin {
return schema.Plugin{
Name: "cvelib",
Platform: schema.PlatformInfo{
Name: "CVE Services",
Homepage: sdk.URL("https://www.cve.org/AllResources/CveServices"),
},
Credentials: []schema.CredentialType{
APIKey(),
},
Executables: []schema.Executable{
CVEServicesAPICLI(),
},
}
}

0 comments on commit 40147f9

Please sign in to comment.