diff --git a/src/twistlock/model.ts b/src/twistlock/model.ts
index 7a6e930a..d6004a05 100644
--- a/src/twistlock/model.ts
+++ b/src/twistlock/model.ts
@@ -7,6 +7,7 @@ export namespace TwistlockModel {
 interface Result {
 id: string;
 distro: string;
+ compliances?: Compliance[];
 complianceDistribution: SeverityCount;
 vulnerabilities?: Vulnerability[];
 vulnerabilityDistribution: SeverityCount;
@@ -20,6 +21,11 @@ export namespace TwistlockModel {
 total: number;
 }
+ interface Compliance {
+ title: string;
+ severity: string;
+ }
+
 interface Vulnerability {
 id: string;
 status: string;
diff --git a/templates/twistlock/scan.md.tpl b/templates/twistlock/scan.md.tpl
index a03eb6d4..91ed9381 100644
--- a/templates/twistlock/scan.md.tpl
+++ b/templates/twistlock/scan.md.tpl
@@ -10,9 +10,16 @@
 | Compliance | {{ result.complianceDistribution.critical }} | {{ result.complianceDistribution.high }} | {{ result.complianceDistribution.medium }} | {{ result.complianceDistribution.low }} | {{ result.complianceDistribution.total }} |
 | Vulnerabilities | {{ result.vulnerabilityDistribution.critical }} | {{ result.vulnerabilityDistribution.high }} | {{ result.vulnerabilityDistribution.medium }} | {{ result.vulnerabilityDistribution.low }} | {{ result.vulnerabilityDistribution.total }} |
-
+{% if result.compliances -%}
+## Compliance Issues
+{% for compliance in result.compliances -%}
+* **{{ compliance.severity }}:** {{ compliance.title }}
+{% endfor %}
+{% endif %}
+
+{% if result.vulnerabilities -%}
 ## Vulnerabilities
-{% for vul in result.vulnerabilities | sort(true, false, "cvss") -%}
+{% for vul in result.vulnerabilities | sort(true, false, "cvss") -%}
 ### {{ vul.id }}
 | CVSS | Severity | Package | Version | |
@@ -38,6 +45,7 @@
 {%- endif %}
 ---
-{% endfor %}
+{% endfor %}
+{% endif %}
 {% endfor %}
 {% endif %}
diff --git a/test/mock/twistlock-report-all.json b/test/mock/twistlock-report-all.json
index f6e26d06..141c3daf 100644
--- a/test/mock/twistlock-report-all.json
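Review bot: `severity: string` in the new `Compliance` interface is looser than the rest of the model, where `SeverityCount` and the summary table work with the fixed buckets critical, high, medium and low; a literal union such as `severity: 'critical' | 'high' | 'medium' | 'low';` would let the compiler catch a misspelt level wherever the value is later compared or ranked. This assumes the scanner emits only those four values for compliance findings, which the single fixture entry (`"high"`) does not establish, so it should be confirmed against the report format first. The type is erased at runtime either way, so it documents the report rather than validating it. The `TwistlockModel` namespace starts and ends outside the hunk.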
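Review bot: The added `{% if result.compliances -%}` guard tests only truthiness, so if the engine follows JavaScript truthiness (as Nunjucks does) a report carrying `"compliances": []` still renders an empty "Compliance Issues" heading; `{% if result.compliances | length -%}` avoids that, and the same applies to the added `{% if result.vulnerabilities -%}` guard. The compliance findings are also listed in report order while vulnerabilities are sorted by CVSS, so a critical finding can end up below low ones. Because `severity` is a plain string, an alphabetical sort would not fix this; the ordering would need an explicit severity rank. The `{% if result.vulnerabilities -%}` opened here is closed in the next hunk, and the enclosing per-result loop starts outside this hunk.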
+++ b/test/mock/twistlock-report-all.json
@@ -3,12 +3,18 @@
 {
 "id": "sha256:268bc513b12e6bf7bfb41a7f0b18d69ce69ad952b5ee7489318fbb7b870f4a33",
 "distro": "CentOS Linux 7 (Core)",
+ "compliances": [
+ {
+ "title": "(CIS_Docker_CE_v1.1.0 - 4.1) Image should be created with a non-root user",
+ "severity": "high"
+ }
+ ],
 "complianceDistribution": {
 "critical": 0,
- "high": 0,
+ "high": 1,
 "medium": 0,
 "low": 0,
- "total": 0
+ "total": 1
 },
 "vulnerabilities": [
 {