feat(twistlock): add compliance issues to reports

swingletree-oss · Jul 5, 2019 · f4ef9ec · f4ef9ec
1 parent 9923610
commit f4ef9ec
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 5 deletions.
diff --git a/src/twistlock/model.ts b/src/twistlock/model.ts
@@ -7,6 +7,7 @@ export namespace TwistlockModel {
 	interface Result {
 		id: string;
 		distro: string;
+		compliances?: Compliance[];
 		complianceDistribution: SeverityCount;
 		vulnerabilities?: Vulnerability[];
 		vulnerabilityDistribution: SeverityCount;
@@ -20,6 +21,11 @@ export namespace TwistlockModel {
 		total: number;
 	}
 
+	interface Compliance {
+		title: string;
+		severity: string;
+	}
+
 	interface Vulnerability {
 		id: string;
 		status: string;

diff --git a/templates/twistlock/scan.md.tpl b/templates/twistlock/scan.md.tpl
@@ -10,9 +10,16 @@
 | Compliance | {{ result.complianceDistribution.critical }} | {{ result.complianceDistribution.high }} | {{ result.complianceDistribution.medium }} | {{ result.complianceDistribution.low }} | {{ result.complianceDistribution.total }} |
 | Vulnerabilities | {{ result.vulnerabilityDistribution.critical }} | {{ result.vulnerabilityDistribution.high }} | {{ result.vulnerabilityDistribution.medium }} | {{ result.vulnerabilityDistribution.low }} | {{ result.vulnerabilityDistribution.total }} |
 
-
+{%   if result.compliances -%}
+## Compliance Issues
+{%     for compliance in result.compliances -%}
+* **{{ compliance.severity }}:** {{ compliance.title }}
+{%     endfor %}
+{%   endif %}
+
+{%   if result.vulnerabilities -%}
 ## Vulnerabilities
-{%   for vul in result.vulnerabilities | sort(true, false, "cvss") -%}
+{%     for vul in result.vulnerabilities | sort(true, false, "cvss") -%}
 ### {{ vul.id }}
 
 | CVSS | Severity | Package | Version | |
@@ -38,6 +45,7 @@
 {%-    endif %}
 
 ---
-{%   endfor %}
+{%     endfor %}
+{%   endif %}
 {%  endfor %}
 {% endif %}
diff --git a/test/mock/twistlock-report-all.json b/test/mock/twistlock-report-all.json
@@ -3,12 +3,18 @@
 		{
 			"id": "sha256:268bc513b12e6bf7bfb41a7f0b18d69ce69ad952b5ee7489318fbb7b870f4a33",
 			"distro": "CentOS Linux 7 (Core)",
+			"compliances": [
+				{
+					"title": "(CIS_Docker_CE_v1.1.0 - 4.1) Image should be created with a non-root user",
+					"severity": "high"
+				}
+			],
 			"complianceDistribution": {
 				"critical": 0,
-				"high": 0,
+				"high": 1,
 				"medium": 0,
 				"low": 0,
-				"total": 0
+				"total": 1
 			},
 			"vulnerabilities": [
 				{