Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Stride support (#624)

Browse Source
This commit is contained in:
kazuminn
2018-04-10 13:30:22 +09:00
committed by Kota Kanbe
parent 5076326589
commit 7a1644135a
5 changed files with 118 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
report/stride.go Normal file
View File

@@ -0,0 +1,75 @@
package report
import (
"bytes"
"net/http"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"strconv"
"strings"
)
// StrideWriter send report to Stride
type StrideWriter struct{}
type StrideSender struct{}
func (w StrideWriter) Write(rs ...models.ScanResult) (err error) {
conf := config.Conf.Stride
for _, r := range rs {
w := StrideSender{}
jsonStr := `{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"` + r.ServerName + `"}]}]}}`
err = w.sendMessage(conf.HookURL, conf.AuthToken, jsonStr)
if err != nil {
return err
}
for _, vinfo := range r.ScannedCves {
maxCvss := vinfo.MaxCvssScore()
severity := strings.ToUpper(maxCvss.Value.Severity)
if severity == "" {
severity = "?"
}
jsonStr = `{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"` + vinfo.CveID + `","marks": [ { "type": "link", "attrs": { "href": "https://nvd.nist.gov/vuln/detail/` + vinfo.CveID + `", "title": "cve" } } ]}]}]}}`
w.sendMessage(conf.HookURL, conf.AuthToken, jsonStr)
if err != nil {
return err
}
jsonStr = `{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"` + strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64) + "(" + severity + ")" + `"}]}]}}`
w.sendMessage(conf.HookURL, conf.AuthToken, jsonStr)
if err != nil {
return err
}
jsonStr = `{"body":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"` + vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value + `"}]}]}}`
w.sendMessage(conf.HookURL, conf.AuthToken, jsonStr)
if err != nil {
return err
}
}
}
return nil
}
func (w StrideSender) sendMessage(uri, token, jsonStr string) error {
reqs, err := http.NewRequest("POST", uri, bytes.NewBuffer([]byte(jsonStr)))
reqs.Header.Add("Content-Type", "application/json")
reqs.Header.Add("Authorization", "Bearer "+token)
if err != nil {
return err
}
client := &http.Client{}
resp, err := client.Do(reqs)
if err != nil {
return err
}
defer resp.Body.Close()
return nil
}