Code Monkey home page Code Monkey logo

Comments (2)

scottford-lw avatar scottford-lw commented on July 20, 2024

@afiunelw one thing I think we think through the behavior of the lacework vulnerability scan capability. There are a few apis we need to account for...

image_id scan

This type of scan would take an image_id as an argument and return a result

curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/imageId/sha256:1ee...1d3b" -H "Authorization: Bearer YourAPIToken"

you can also filter the results by severity...

curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/imageId/sha256:1ee...1d3b?severity=medium" -H "Authorization: Bearer YourAPIToken"

image_digest scan

USAGE EXAMPLES
curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/imageDigest/sha256:5ee...c5b" -H "Authorization: Bearer YourAPIToken"
Where sha256:5ee...c5b is the Digest Id (sha256 hash) that Docker generated for the manifest of this image.

Optionally filter by severity.

curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/imageDigest/sha256:5ee...c5b"?severity=medium" -H "Authorization: Bearer YourAPIToken"
Where sha256:5ee...c5b is the Digest Id (sha256 hash) that Docker generated for the manifest of this image.

Optionally filter by a date range.

curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/imageDigest/sha256:5ee...c5b"?StartTime=2020-01-14T01:01:00Z?EndTime=2020-01-15T22:01:00Z" -H "Authorization: Bearer YourAPIToken"
Where sha256:5ee...c5b is the Digest Id (sha256 hash) that Docker generated for the manifest of this image.

On demand scan of the repository

This one seems to kick off a scan of the repository, but what if you have a number of repos. Which one are you scanning??

curl -X POST -H 'Content-Type: application/json' -d '{ "registry":"index.docker.io", "repository":"yourDockerOrg/yourRepository", "tag":"yourTag" }' "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/repository/images/scan" -H "Authorization: Bearer YourAPIToken"

Get status of scan jobs

USAGE EXAMPLES
curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/reqId/498...1f0" -H "Authorization: Bearer YourAPIToken"
Where 498...1f0 is the request id returned from the POST /api/v1/external/repository/images/scan operation.

Optionally filter by severity.

curl "https://YourLacework.lacework.net/api/v1/external/vulnerabilities/container/reqId/498...1f0?severity=medium" -H "Authorization: Bearer YourAPIToken"
Where 498...1f0 is the request id returned from the POST /api/v1/external/repository/images/scan operation.

from go-sdk.

avatar commented on July 20, 2024

Thank you, Scott! Great feedback.

To elaborate a little bit more the thinking I did inside the description of this card, in
my opinion, there are three main functionalities we want to provide to the end-user:

  • Get information about the last scan of a container image: Pretty straight forward, a command that can get the information about the last scan, these scans happen in the platform periodically, but if we want to integrate this functionality into pipelines and workflows, we need to have a way to trigger scans on demand.
  • Request an on-demand vulnerability scan: This command will trigger a new vulnerability scan on-demand. Once a user generates an image and publishes it to their container registry, they can trigger a scan to be able to analyze the container.
  • Track the progress of an on-demand vulnerability scan: Once a scan is triggered, the user will want to track the progress so that, when the scan is completed, the user can then get the information/report from the scan that just ran, but if the scan fails, the user will be able to ack upon it.

These are the main functionalities I see, if we agree on them we can then add
parameters that can modify the main functionalities, things you mentioned like,
filter by severity or by date range, search by image digest instead of image ID, etc.

Let's zoom to clarify these ideas. 💯

from go-sdk.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.