Add -to-http option to report

Author: knqyf263

commands/report.go

@@ -67,6 +67,7 @@ type ReportCmd struct {
 	toLocalFile bool
 	toS3        bool
 	toAzureBlob bool
+	toHTTP      string
 
 	formatJSON        bool
 	formatXML         bool
@@ -118,6 +119,7 @@ func (*ReportCmd) Usage() string {
 		[-ignore-unscored-cves]
 		[-ignore-unfixed]
 		[-to-email]
+		[-to-http]
 		[-to-slack]
 		[-to-stride]
 		[-to-hipchat]
@@ -287,6 +289,11 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
 		"to-s3",
 		false,
 		"Write report to S3 (bucket/yyyyMMdd_HHmm/servername.json/xml/txt)")
+	f.StringVar(&p.toHTTP,
+		"to-http",
+		"",
+		"http://vuls-server (default: empty)")
+
 	f.StringVar(&p.awsProfile, "aws-profile", "default", "AWS profile to use")
 	f.StringVar(&p.awsRegion, "aws-region", "us-east-1", "AWS region to use")
 	f.StringVar(&p.awsS3Bucket, "aws-s3-bucket", "", "S3 bucket name")
@@ -348,6 +355,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 	c.Conf.ToHipChat = p.toHipChat
 	c.Conf.ToChatWork = p.toChatWork
 	c.Conf.ToEmail = p.toEMail
+	c.Conf.ToHTTP = p.toHTTP
 	c.Conf.ToSyslog = p.toSyslog
 	c.Conf.ToLocalFile = p.toLocalFile
 	c.Conf.ToS3 = p.toS3
@@ -406,6 +414,12 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 		reports = append(reports, report.SyslogWriter{})
 	}
 
+	if p.toHTTP != "" {
+		reports = append(reports, report.HTTPRequestWriter{
+			URL: p.toHTTP,
+		})
+	}
+
 	if p.toLocalFile {
 		reports = append(reports, report.LocalFileWriter{
 			CurrentDir: dir,

config/config.go

@@ -144,6 +144,7 @@ type Config struct {
 	ToLocalFile bool
 	ToS3        bool
 	ToAzureBlob bool
+	ToHTTP      string
 
 	FormatXML         bool
 	FormatJSON        bool

report/http.go

@@ -18,20 +18,39 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package report
 
 import (
+	"bytes"
 	"encoding/json"
 	"net/http"
 
 	"github.com/future-architect/vuls/models"
 	"github.com/pkg/errors"
 )
 
-// HTTPWriter writes results to S3
-type HTTPWriter struct {
+// HTTPRequestWriter writes results to HTTP request
+type HTTPRequestWriter struct {
+	URL string
+}
+
+// Write sends results as HTTP response
+func (w HTTPRequestWriter) Write(rs ...models.ScanResult) (err error) {
+	for _, r := range rs {
+		b := new(bytes.Buffer)
+		json.NewEncoder(b).Encode(r)
+		_, err = http.Post(w.URL, "application/json; charset=utf-8", b)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// HTTPResponseWriter writes results to HTTP response
+type HTTPResponseWriter struct {
 	Writer http.ResponseWriter
 }
 
 // Write sends results as HTTP response
-func (w HTTPWriter) Write(rs ...models.ScanResult) (err error) {
+func (w HTTPResponseWriter) Write(rs ...models.ScanResult) (err error) {
 	res, err := json.Marshal(rs)
 	if err != nil {
 		return errors.Wrap(err, "Failed to marshal scah results")

scan/debian.go

@@ -375,7 +375,6 @@ func (o *debian) parseInstalledPackages(stdout string) (models.Packages, models.
 	// openssh-server,ii ,1:6.7p1-5+deb8u3,openssh,1:6.7p1-5+deb8u3
 	// tar,ii ,1.27.1-2+b1,tar (1.27.1-2),1.27.1-2
 	lines := strings.Split(stdout, "\n")
-	fmt.Println(lines)
 	for _, line := range lines {
 		if trimmed := strings.TrimSpace(line); len(trimmed) != 0 {
 			name, status, version, srcName, srcVersion, err := o.parseScannedPackagesLine(trimmed)

server/server.go

@@ -22,6 +22,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"mime"
 	"net/http"
 	"time"
 
@@ -42,13 +43,20 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	result := models.ScanResult{ScannedCves: models.VulnInfos{}}
 
 	contentType := r.Header.Get("Content-Type")
-	if contentType == "application/json" {
+	mediatype, _, err := mime.ParseMediaType(contentType)
+	if err != nil {
+		util.Log.Error(err)
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	if mediatype == "application/json" {
 		if err = json.NewDecoder(r.Body).Decode(&result); err != nil {
 			util.Log.Error(err)
 			http.Error(w, "Invalid JSON", http.StatusBadRequest)
 			return
 		}
-	} else if contentType == "text/plain" {
+	} else if mediatype == "text/plain" {
 		buf := new(bytes.Buffer)
 		io.Copy(buf, r.Body)
 		if result, err = scan.ViaHTTP(r.Header, buf.String()); err != nil {
@@ -57,6 +65,7 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	} else {
+		util.Log.Error(mediatype)
 		http.Error(w, fmt.Sprintf("Invalid Content-Type: %s", contentType), http.StatusUnsupportedMediaType)
 		return
 	}
@@ -69,10 +78,13 @@ func (h VulsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	// report
 	reports := []report.ResultWriter{
-		report.HTTPWriter{Writer: w},
+		report.HTTPResponseWriter{Writer: w},
 	}
 	if c.Conf.ToLocalFile {
-		scannedAt := time.Now().Truncate(1 * time.Hour)
+		scannedAt := result.ScannedAt
+		if scannedAt.IsZero() {
+			scannedAt = time.Now().Truncate(1 * time.Hour)
+		}
 		dir, err := scan.EnsureResultDir(scannedAt)
 		if err != nil {
 			util.Log.Errorf("Failed to ensure the result directory: %s", err)