Notify the difference from the previous scan result (#392)

add diff option
2017-03-23 23:58:05 +09:00
parent 7131270cad
commit c7019debb9
7 changed files with 490 additions and 21 deletions
--- a/commands/report.go
+++ b/commands/report.go
@@ -74,6 +74,8 @@ type ReportCmd struct {
 	azureContainer string

 	pipe bool
+
+	diff bool
 }

 // Name return subcommand name
@@ -95,6 +97,7 @@ func (*ReportCmd) Usage() string {
 		[-cvedb-path=/path/to/cve.sqlite3]
 		[-cvedb-url=http://127.0.0.1:1323 or mysql connection string]
 		[-cvss-over=7]
+		[-diff]
 		[-ignore-unscored-cves]
 		[-to-email]
 		[-to-slack]
@@ -171,6 +174,11 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
 		0,
 		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")

+	f.BoolVar(&p.diff,
+		"diff",
+		false,
+		fmt.Sprintf("Difference between previous result and current result "))
+
 	f.BoolVar(
 		&p.ignoreUnscoredCves,
 		"ignore-unscored-cves",
@@ -273,11 +281,6 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 	c.Conf.HTTPProxy = p.httpProxy

 	c.Conf.Pipe = p.pipe
-	jsonDir, err := jsonDir(f.Args())
-	if err != nil {
-		util.Log.Errorf("Failed to read from JSON: %s", err)
-		return subcommands.ExitFailure
-	}

 	c.Conf.FormatXML = p.formatXML
 	c.Conf.FormatJSON = p.formatJSON
@@ -287,6 +290,19 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 	c.Conf.FormatFullText = p.formatFullText

 	c.Conf.GZIP = p.gzip
+	c.Conf.Diff = p.diff
+
+	var dir string
+	var err error
+	if p.diff {
+		dir, err = jsonDir([]string{})
+	} else {
+		dir, err = jsonDir(f.Args())
+	}
+	if err != nil {
+		util.Log.Errorf("Failed to read from JSON: %s", err)
+		return subcommands.ExitFailure
+	}

 	// report
 	reports := []report.ResultWriter{
@@ -303,7 +319,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}

 	if p.toLocalFile {
 		reports = append(reports, report.LocalFileWriter{
-			CurrentDir: jsonDir,
+			CurrentDir: dir,
 		})
 	}

@@ -363,7 +379,8 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 		}
 	}

-	history, err := loadOneScanHistory(jsonDir)
+	var history models.ScanHistory
+	history, err = loadOneScanHistory(dir)
 	if err != nil {
 		util.Log.Error(err)
 		return subcommands.ExitFailure
@@ -388,8 +405,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 				return subcommands.ExitFailure
 			}
 			filled.Lang = c.Conf.Lang
-
-			if err := overwriteJSONFile(jsonDir, *filled); err != nil {
+			if err := overwriteJSONFile(dir, *filled); err != nil {
 				util.Log.Errorf("Failed to write JSON: %s", err)
 				return subcommands.ExitFailure
 			}
@@ -400,10 +416,31 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
 		}
 	}

+	if p.diff {
+		currentHistory := models.ScanHistory{ScanResults: results}
+		previousHistory, err := loadPreviousScanHistory(currentHistory)
+		if err != nil {
+			util.Log.Error(err)
+			return subcommands.ExitFailure
+		}
+
+		history, err = diff(currentHistory, previousHistory)
+		if err != nil {
+			util.Log.Error(err)
+			return subcommands.ExitFailure
+		}
+		results = []models.ScanResult{}
+		for _, r := range history.ScanResults {
+			filled, _ := r.FillCveDetail()
+			results = append(results, *filled)
+		}
+	}
+
 	var res models.ScanResults
 	for _, r := range results {
 		res = append(res, r.FilterByCvssOver())
 	}
+
 	for _, w := range reports {
 		if err := w.Write(res...); err != nil {
 			util.Log.Errorf("Failed to report: %s", err)