Skip to content

Commit

Permalink
feat(cli): make get vulnerabilityreports cmd compatible with kubectl …
Browse files Browse the repository at this point in the history
…get cmd (aquasecurity#766)

Resolves: aquasecurity#737

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
  • Loading branch information
danielpacak authored Oct 21, 2021
1 parent f612cbf commit 9c25045
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 10 deletions.
4 changes: 4 additions & 0 deletions itest/starboard/starboard_cli_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -703,6 +703,7 @@ var _ = Describe("Starboard CLI", func() {
"starboard", "get", "vulnerabilityreports",
"deployment/" + deploy.Name,
"--namespace", deploy.Namespace,
"--output", "yaml",
"-v", starboardCLILogLevel,
}, stdout, stderr)
Expect(err).ToNot(HaveOccurred())
Expand Down Expand Up @@ -804,6 +805,7 @@ var _ = Describe("Starboard CLI", func() {
"starboard", "get", "vulnerabilities",
"deployment/" + deploy.Name,
"--namespace", testNamespace.Name,
"--output", "yaml",
"-v", starboardCLILogLevel,
}, stdout, stderr)
Expect(err).ToNot(HaveOccurred())
Expand Down Expand Up @@ -831,6 +833,7 @@ var _ = Describe("Starboard CLI", func() {
"starboard", "get", "vulnerabilities",
"replicaset/" + replicasetName,
"--namespace", testNamespace.Name,
"--output", "yaml",
"-v", starboardCLILogLevel,
}, stdout, stderr)
Expect(err).ToNot(HaveOccurred())
Expand Down Expand Up @@ -858,6 +861,7 @@ var _ = Describe("Starboard CLI", func() {
"starboard", "get", "vulnerabilities",
"pod/" + podName,
"--namespace", testNamespace.Name,
"--output", "yaml",
"-v", starboardCLILogLevel,
}, stdout, stderr)
Expect(err).ToNot(HaveOccurred())
Expand Down
2 changes: 1 addition & 1 deletion pkg/cmd/get.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ func NewGetCmd(buildInfo starboard.BuildInfo, cf *genericclioptions.ConfigFlags,
}
getCmd.AddCommand(NewGetVulnerabilityReportsCmd(buildInfo.Executable, cf, outWriter))
getCmd.AddCommand(NewGetConfigAuditReportsCmd(buildInfo.Executable, cf, outWriter))
getCmd.PersistentFlags().StringP("output", "o", "yaml", "Output format. One of yaml|json")
getCmd.PersistentFlags().StringP("output", "o", "", "Output format. One of yaml|json")

return getCmd
}
50 changes: 41 additions & 9 deletions pkg/cmd/get_vulnerabilityreports.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,14 @@ import (
"context"
"fmt"
"io"
"strings"

"github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1"
"github.com/aquasecurity/starboard/pkg/starboard"
"github.com/aquasecurity/starboard/pkg/vulnerabilityreport"
"github.com/spf13/cobra"
"k8s.io/cli-runtime/pkg/genericclioptions"
"k8s.io/cli-runtime/pkg/printers"
"sigs.k8s.io/controller-runtime/pkg/client"
)

Expand All @@ -32,6 +34,10 @@ NAME is the name of a particular Kubernetes workload.
# Get vulnerability reports for a ReplicaSet with the specified name
%[1]s get vulns replicaset/nginx
# Get vulnerability reports for the specified container belonging to
# a ReplicaSet with the specified name
%[1]s get vulns replicaset/nginx --container nginx
# Get vulnerability reports for a CronJob with the specified name in JSON output format
%[1]s get vuln cj/my-job -o json`, executable),
RunE: func(cmd *cobra.Command, args []string) error {
Expand Down Expand Up @@ -70,21 +76,47 @@ NAME is the name of a particular Kubernetes workload.
}

format := cmd.Flag("output").Value.String()
printer, err := genericclioptions.NewPrintFlags("").
WithTypeSetter(starboard.NewScheme()).
WithDefaultOutput(format).
ToPrinter()
if err != nil {
return fmt.Errorf("create printer: %v", err)
container := cmd.Flag("container").Value.String()

var printer printers.ResourcePrinter

switch format {
case "yaml", "json":
printer, err = genericclioptions.NewPrintFlags("").
WithTypeSetter(starboard.NewScheme()).
WithDefaultOutput(format).
ToPrinter()
if err != nil {
return err
}
case "":
printer = printers.NewTablePrinter(printers.PrintOptions{})
if err != nil {
return err
}
default:
return fmt.Errorf("invalid output format %q, allowed formats are: yaml,json", format)
}

if err := printer.PrintObj(&v1alpha1.VulnerabilityReportList{Items: items}, out); err != nil {
return fmt.Errorf("print vulnerability reports: %v", err)
list := &v1alpha1.VulnerabilityReportList{
Items: []v1alpha1.VulnerabilityReport{},
}

return nil
for _, item := range items {
if container != "" && item.Labels[starboard.LabelContainerName] != container {
continue
}
list.Items = append(list.Items, item)
}
if len(items) > 0 && len(list.Items) == 0 {
return fmt.Errorf("container %s is not valid for %s %s", container, strings.ToLower(string(workload.Kind)), workload.Name)
}

return printer.PrintObj(list, out)
},
}

cmd.PersistentFlags().StringP("container", "c", "", "Get vulnerability report of this container")

return cmd
}

0 comments on commit 9c25045

Please sign in to comment.