Support ignore CveIDs in config

scan/base.go

@@ -224,13 +224,31 @@ func (l base) isAwsInstanceID(str string) bool {
 }
 
 func (l *base) convertToModel() (models.ScanResult, error) {
-	var scoredCves, unscoredCves models.CveInfos
+	var scoredCves, unscoredCves, ignoredCves models.CveInfos
 	for _, p := range l.UnsecurePackages {
+		// ignoreCves
+		found := false
+		for _, icve := range l.getServerInfo().IgnoreCves {
+			if icve == p.CveDetail.CveID {
+				ignoredCves = append(ignoredCves, models.CveInfo{
+					CveDetail:        p.CveDetail,
+					Packages:         p.Packs,
+					DistroAdvisories: p.DistroAdvisories,
+				})
+				found = true
+				break
+			}
+		}
+		if found {
+			continue
+		}
+
+		// unscoredCves
 		if p.CveDetail.CvssScore(config.Conf.Lang) <= 0 {
 			unscoredCves = append(unscoredCves, models.CveInfo{
 				CveDetail:        p.CveDetail,
 				Packages:         p.Packs,
-				DistroAdvisories: p.DistroAdvisories, // only Amazon Linux
+				DistroAdvisories: p.DistroAdvisories,
 			})
 			continue
 		}
@@ -241,10 +259,11 @@ func (l *base) convertToModel() (models.ScanResult, error) {
 				models.CpeName{Name: cpename})
 		}
 
+		// scoredCves
 		cve := models.CveInfo{
 			CveDetail:        p.CveDetail,
 			Packages:         p.Packs,
-			DistroAdvisories: p.DistroAdvisories, // only Amazon Linux
+			DistroAdvisories: p.DistroAdvisories,
 			CpeNames:         cpenames,
 		}
 		scoredCves = append(scoredCves, cve)
@@ -257,6 +276,7 @@ func (l *base) convertToModel() (models.ScanResult, error) {
 
 	sort.Sort(scoredCves)
 	sort.Sort(unscoredCves)
+	sort.Sort(ignoredCves)
 
 	return models.ScanResult{
 		ServerName:  l.ServerInfo.ServerName,
@@ -267,6 +287,7 @@ func (l *base) convertToModel() (models.ScanResult, error) {
 		Platform:    l.Platform,
 		KnownCves:   scoredCves,
 		UnknownCves: unscoredCves,
+		IgnoredCves: ignoredCves,
 		Optional:    l.ServerInfo.Optional,
 	}, nil
 }