-
Notifications
You must be signed in to change notification settings - Fork 2k
/
vulnerabilityOccurrencesForImage.js
60 lines (53 loc) · 2.48 KB
/
vulnerabilityOccurrencesForImage.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
'use strict';
// sample-metadata:
// title: Vulnerability Occurrences for Image
// description: Retrieves all Vulnerability Occurrences attached to a specified image
// usage: node vulnerabilityOccurrencesForImage.js "project-id" "image-url"
async function main(
projectId = 'your-project-id', // Your GCP Project ID
imageUrl = 'https://gcr.io/my-project/my-image:123' // Image to attach metadata to
// If you are using Google Artifact Registry
// imageUrl = 'https://LOCATION-docker.pkg.dev/my-project/my-repo/my-image:123' // Image to attach metadata to
) {
// [START containeranalysis_vulnerability_occurrences_for_image]
/**
* TODO(developer): Uncomment these variables before running the sample
*/
// const projectId = 'your-project-id', // Your GCP Project ID
// If you are using Google Container Registry
// const imageUrl = 'https://gcr.io/my-project/my-repo/my-image:123' // Image to attach metadata to
// If you are using Google Artifact Registry
// const imageUrl = 'https://LOCATION-docker.pkg.dev/my-project/my-repo/my-image:123' // Image to attach metadata to
// Import the library and create a client
const {ContainerAnalysisClient} = require('@google-cloud/containeranalysis');
const client = new ContainerAnalysisClient();
const formattedParent = client.getGrafeasClient().projectPath(projectId);
// Retrieve a list of vulnerability occurrences assoviated with a resource
const [occurrences] = await client.getGrafeasClient().listOccurrences({
parent: formattedParent,
filter: `kind = "VULNERABILITY" AND resourceUrl = "${imageUrl}"`,
});
if (occurrences.length) {
console.log(`All Vulnerabilities for ${imageUrl}`);
occurrences.forEach(occurrence => {
console.log(`${occurrence.name}:`);
});
} else {
console.log('No occurrences found.');
}
// [END containeranalysis_vulnerability_occurrences_for_image]
}
main(...process.argv.slice(2));