New minor features

This PR will remove the option of various ENV Vars for Openstack and
switch to the OS_CLOUD env var which will reference the cloud as defined
in the baskio-config

Also enables option to suppress output from packer and dependency
installs.

Fixed layout of CVEs

cmd/build.go

@@ -13,7 +13,6 @@ limitations under the License.
 package cmd
 
 import (
-	"fmt"
 	"github.com/drew-viles/baskio/cmd/build"
 	"github.com/drew-viles/baskio/pkg/constants"
 	ostack "github.com/drew-viles/baskio/pkg/openstack"
@@ -74,8 +73,6 @@ To use baskio to build an image, an Openstack cluster is required.`,
 			if err != nil {
 				log.Fatalln(err)
 			}
-			fmt.Println(imgID)
-
 		},
 	}
 
@@ -94,11 +91,13 @@ To use baskio to build an image, an Openstack cluster is required.`,
 	cmd.Flags().StringVar(&nvidiaInstallerURLFlag, "nvidia-installer-url", "", "The Nvidia installer location - this must be acquired from Nvidia")
 	cmd.Flags().StringVar(&nvidiaVersionFlag, "nvidia-driver-version", "510.73.08", "The Nvidia driver version")
 	cmd.Flags().StringVar(&gridLicenseServerFlag, "grid-license-server", "", "The url or address of the licensing server to pull the gridd.conf from")
+	cmd.Flags().BoolVar(&verboseFlag, "verbose", false, "Enable verbose output to see the information from packer. Not turning this on will mean the process appears to hang while the image build happens.")
 
 	cmd.MarkFlagsRequiredTogether("enable-nvidia-support", "grid-license-server", "nvidia-installer-url")
 	cmd.MarkFlagsRequiredTogether("use-floating-ip", "floating-ip-network-name")
 	cmd.MarkFlagsRequiredTogether("crictl-version", "kubernetes-version")
 
+	bindViper(cmd, "build.verbose", "verbose")
 	bindViper(cmd, "build.build-os", "build-os")
 	bindViper(cmd, "build.attach-config-drive", "attach-config-drive")
 	bindViper(cmd, "build.image-repo", "image-repo")

cmd/build/build.go

@@ -21,6 +21,7 @@ import (
 	systemUtils "github.com/drew-viles/baskio/pkg/system"
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/google/uuid"
+	"github.com/spf13/viper"
 	"io"
 	"log"
 	"os"
@@ -73,7 +74,12 @@ func InstallDependencies(repoPath string) {
 	}
 	defer w.Close()
 
-	wr := io.MultiWriter(w, os.Stdout)
+	var wr io.Writer
+	if viper.GetBool("build.verbose") {
+		wr = io.MultiWriter(w, os.Stdout)
+	} else {
+		wr = w
+	}
 
 	err = systemUtils.RunMake("deps-openstack", repoPath, nil, wr)
 	if err != nil {
@@ -99,9 +105,12 @@ func BuildImage(capiPath string, buildOS string) error {
 	}
 	defer w.Close()
 
-	wr := io.MultiWriter(w, os.Stdout)
-	//TODO: Maybe fetch from openstack and sort by newest.
-	//  Would require some trickery to get new image ID.
+	var wr io.Writer
+	if viper.GetBool("build.verbose") {
+		wr = io.MultiWriter(w, os.Stdout)
+	} else {
+		wr = w
+	}
 
 	args := strings.Join([]string{"build-openstack", buildOS}, "-")
 

cmd/flags.go

@@ -5,6 +5,7 @@ var (
 	baskioConfigFlag string
 	cloudsPathFlag   string
 	cloudNameFlag    string
+	verboseFlag      bool
 
 	//Build & Scan
 	imageRepoFlag             string
@@ -30,5 +31,4 @@ var (
 	ghProjectFlag     string
 	ghTokenFlag       string
 	ghPagesBranchFlag string
-	resultsFileFlag   string
 )

cmd/publish.go

@@ -43,12 +43,12 @@ The website it generates isn't the prettiest right now but it will be improved o
 			}
 			osClient.OpenstackInit()
 
-			pagesGitDir, pagesRepo, err := publish.FetchPagesRepo(viper.GetString("publish.github.user"), viper.GetString("publish.github.token"), viper.GetString("publish.github.project"), viper.GetString("publish.github.branch"))
+			pagesGitDir, pagesRepo, err := publish.FetchPagesRepo(viper.GetString("publish.github.user"), viper.GetString("publish.github.token"), viper.GetString("publish.github.project"), viper.GetString("publish.github.pages-branch"))
 			if err != nil {
 				log.Fatalln(err)
 			}
 
-			resultsFile, err := os.Open(viper.GetString("publish.results-file"))
+			resultsFile, err := os.Open("results.json")
 			if err != nil {
 				log.Fatalln(err.Error())
 			}
@@ -82,7 +82,6 @@ The website it generates isn't the prettiest right now but it will be improved o
 	cmd.Flags().StringVar(&ghTokenFlag, "github-token", "", "The token for the GitHub project to which the pages will be pushed")
 	cmd.Flags().StringVar(&ghPagesBranchFlag, "github-pages-branch", "gh-pages", "The branch name for GitHub project to which the pages will be pushed")
 	cmd.Flags().StringVar(&imageIDFlag, "image-id", "", "The ID of the image to scan")
-	cmd.Flags().StringVar(&resultsFileFlag, "results-file", "results.json", "The results file outputted by the scan")
 
 	cmd.MarkFlagsRequiredTogether("github-user", "github-project", "github-token")
 
@@ -91,7 +90,6 @@ The website it generates isn't the prettiest right now but it will be improved o
 	bindViper(cmd, "publish.github.project", "github-project")
 	bindViper(cmd, "publish.github.token", "github-token")
 	bindViper(cmd, "publish.github.pages-branch", "github-pages-branch")
-	bindViper(cmd, "publish.results-file", "results-file")
 
 	return cmd
 

cmd/publish/templates/index.html.gotmpl

@@ -114,11 +114,10 @@
             <div class="modal-body">
                 <p>Package(s): <span id="cveModalPackage"></span></p>
                 <p id="cveModalDescription">CVE description</p>
-                <div id="cveScore">
+                <div>
                     <h6>CVE scoring</h6>
                     <ul>
-                        <li>Score 2 <span id="cveScore2">0</span></li>
-                        <li>Score 3 <span id="cveScore3">0</span></li>
+                        <li>Score <span id="cveScore">0</span></li>
                     </ul>
                 </div>
                 <a href="#" target="_blank" id="cveLink">More info</a>

cmd/publish/templates/js/class.js.gotmpl

@@ -30,13 +30,30 @@ class ReportFile {
 class CVE {
     packages = [];
 
-    constructor(id, title, packages, description, uri, severity) {
+    constructor(id, title, packages, description, uri, severity, cvss) {
         this.id = id;
         this.title = title;
         this.packages.push(packages);
         this.description = description;
         this.uri = uri;
         this.severity = severity;
+        this.score = "";
+
+        if (cvss) {
+            if (cvss.nvd) {
+                if (cvss.nvd.V2Score) {
+                    this.score = cvss.nvd.V2Score;
+                }
+                if (cvss.nvd.V3Score) {
+                    this.score = cvss.nvd.V3Score;
+                }
+            }
+            if (cvss.redhat) {
+                if (cvss.redhat.V3Score) {
+                    this.score = cvss.redhat.V3Score;
+                }
+            }
+        }
     }
 
     AddPackage(pkg) {
@@ -53,7 +70,7 @@ class CVEs {
                 let cveReport = this.cves.get(res.VulnerabilityID);
                 cveReport.AddPackage(res.PkgName);
             } else {
-                let cve = new CVE(res.VulnerabilityID, res.Title, res.PkgName, res.Description, res.PrimaryURL, res.Severity);
+                let cve = new CVE(res.VulnerabilityID, res.Title, res.PkgName, res.Description, res.PrimaryURL, res.Severity, res.CVSS);
                 this.cves.set(res.VulnerabilityID, cve);
             }
         });

cmd/publish/templates/js/main.js.gotmpl

@@ -99,7 +99,6 @@ function loadResultsIntoAccordion(report) {
                 medCount++;
                 break;
             case "LOW":
-                console.log("raw:" + lowCount);
                 if (lowCount % cols === 0) {
                     val += rowStart;
                 }
@@ -116,29 +115,26 @@ function loadResultsIntoAccordion(report) {
         }
     });
 
-
     criticalAccordion.innerHTML = critAccord;
     mediumAccordion.innerHTML = medAccord;
     lowAccordion.innerHTML = lowAccord;
-
 }
 
 function CardGen(cve) {
     return `<div class="col">
     <div class="card" style="width: 18rem;">
       <div class="card-body">
-        <h5 class="card-title">${cve.title.substring(0, 16) + "\u2026"}</h5>
-        <h6 class="card-subtitle mb-2 text-muted">${cve.id} - <span class="card-subtitle mb-2 text-muted">${cve.score}</span></h6>
+        <h5 class="card-title">${(cve.title) ? cve.title.substring(0, 16) + "\u2026" : "No title"}</h5>
+        <h6 class="card-subtitle mb-2 text-muted"> <span class="card-subtitle mb-2 text-muted">Score: ${cve.score}</span></h6>
         <p class="card-text">${cve.description.substring(0, 50) + "\u2026"}</p>
 
         <ul class="list-group list-group-flush">
             ${cve.packages.map(package => `<li class="list-group-item">${package}</li>`).join("")}
         </ul>
 
-        <a href="#" class="card-link" data-bs-toggle="modal" data-bs-target="#cveModal" data-cve-cve="${cve.id}" data-cve-pkg="${cve.packages}" data-cve-title="${cve.title}" data-cve-description='${cve.description}' data-cve-uri="${cve.uri}">More info</a>
+        <a href="#" class="card-link" data-bs-toggle="modal" data-bs-target="#cveModal" data-cve-cve="${cve.id}" data-cve-pkg="${cve.packages}" data-cve-title="${cve.title}" data-cve-description='${cve.description}' data-cve-uri="${cve.uri}" data-cve-score="${cve.score}">More info</a>
       </div>
     </div>
-
 </div>`
 }
 
@@ -151,38 +147,22 @@ cveModal.addEventListener('show.bs.modal', function (event) {
     let title = button.getAttribute('data-cve-title');
     let pkg = button.getAttribute('data-cve-pkg');
     let description = button.getAttribute('data-cve-description');
-    let score2 = button.getAttribute('data-cve-score2');
-    let score3 = button.getAttribute('data-cve-score3');
-    let link = button.getAttribute('data-cve-link');
+    let score = button.getAttribute('data-cve-score');
+    let link = button.getAttribute('data-cve-uri');
 
     let modalTitle = cveModal.querySelector('.modal-title');
     let modalSubtitle = cveModal.querySelector('#cveModalTitle');
     let modalBodyDescription = cveModal.querySelector('#cveModalDescription');
     let modalBodyPackage = cveModal.querySelector('#cveModalPackage');
     let modalBodyScore = cveModal.querySelector('#cveScore');
-    let modalBodyScore2 = cveModal.querySelector('#cveScore2');
-    let modalBodyScore3 = cveModal.querySelector('#cveScore3');
     let modalBodyLink = cveModal.querySelector('#cveLink');
 
     modalTitle.textContent = cve;
     modalSubtitle.textContent = title;
     modalBodyDescription.textContent = description;
     modalBodyPackage.textContent = pkg;
 
-    if (score2 === "undefined" && score3 === "undefined") {
-        modalBodyScore.innerHTML = '';
-    } else {
-        if (score2 !== "undefined") {
-            modalBodyScore2.textContent = score2;
-        } else {
-            modalBodyScore2.textContent = "None provided";
-        }
-        if (score3 !== "undefined") {
-            modalBodyScore3.textContent = score3;
-        } else {
-            modalBodyScore3.textContent = "None provided";
-        }
-    }
+    modalBodyScore.innerHTML = score;
 
     modalBodyLink.href = link;
 })

pkg/openstack/config.go

@@ -110,29 +110,9 @@ func parseCloudsConfig(cloudsPath string) *OpenstackClouds {
 
 // SetOpenstackEnvs sets the environment variables for the build command to be able to connect to Openstack.
 func (c *OpenstackClouds) SetOpenstackEnvs() {
-	cloud := c.Clouds[viper.GetString("cloud-name")]
-	if cloud.AuthType == "" {
-		cloud.AuthType = "password"
-	}
-	requiredVars := map[string]string{
-		"OS_AUTH_URL":             cloud.Auth.AuthURL,
-		"OS_PROJECT_NAME":         cloud.Auth.ProjectName,
-		"OS_PROJECT_ID":           cloud.Auth.ProjectID,
-		"OS_USERNAME":             cloud.Auth.Username,
-		"OS_PASSWORD":             cloud.Auth.Password,
-		"OS_REGION_NAME":          cloud.RegionName,
-		"OS_INTERFACE":            cloud.Interface,
-		"OS_USER_DOMAIN_NAME":     cloud.Auth.UserDomainName,
-		"OS_PROJECT_DOMAIN_NAME":  "Default",
-		"OS_IDENTITY_API_VERSION": strconv.Itoa(cloud.IdentityApiVersion),
-		"OS_AUTH_PLUGIN":          cloud.AuthType,
-	}
-
-	for k, v := range requiredVars {
-		err := os.Setenv(k, v)
-		if err != nil {
-			log.Fatalln(err)
-		}
+	err := os.Setenv("OS_CLOUD", viper.GetString("cloud-name"))
+	if err != nil {
+		log.Fatalln(err)
 	}
 }