Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Product ref #5

Closed
wants to merge 2 commits into from
Closed

Product ref #5

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ed2178e
feat: add product name and version
ruromero Sep 13, 2024
97e74fe
feat: set more descriptive name to downloaded output file
ruromero Sep 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions catalog/products.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
{
"openshift": {
"name": "OpenShift Container Platform 4",
"versions": [
"4.16",
"4.15",
"4.14",
"4.13",
"4.12",
"4.11",
"4.10"
]
},
"openshift-logging": {
"name": "OpenShift Logging Subsystem",
"versions": [
"5.9",
"5.8",
"5.7",
"5.6",
"5.5",
"5.4",
"5.3",
"5.2",
"5.1",
"5.0"
]
},
"openstack": {
"name": "OpenStack",
"versions": [
"18",
"17",
"16",
"13"
]
}
}
15 changes: 11 additions & 4 deletions morpheus_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@
from utils.sbom_tools import parse_sbom
from callback.http_callback import HttpCallback
from utils.output_tools import generate_markdown
from utils.input_tools import build_input, print_input_data
from utils.input_tools import build_input, print_input_data, product_dropdowns

st.set_page_config(page_title='Morpheus Client', layout='wide')

data_dir = os.getenv("DATA_DIR", '/data')
if not os.path.isdir(data_dir):
raise ValueError('Missing required data dir: ' + data_dir)
raise ValueError('Missing required output dir: ' + data_dir)

if 'callback' not in st.session_state:
st.session_state.callback = {}
Expand Down Expand Up @@ -41,7 +41,11 @@ def print_output():
for item in items:
with st.expander(item[0], expanded=True):
st.markdown(item[1])
st.download_button(label='Download', type='primary', data=json.dumps(data), file_name='output.json')
image = data['input']['image']['name'].split('/')[-1]
tag = data['input']['image']['tag']
product_ref = data['input']['scan']['product_ref']
file_name = f"{image}:{tag}-{product_ref}.json"
st.download_button(label='Download', type='primary', data=json.dumps(data), file_name=file_name)


callback_server = HttpCallback()
Expand Down Expand Up @@ -122,7 +126,10 @@ def save_file():
value='CVE-2024-27304', on_change=set_data_ready)
st.session_state.input_file = main_col.file_uploader("Pick a CycloneDX SBOM File generated form Syft")
update_file()
st.session_state.input_format=main_col.selectbox(label='Input format', options=['JSON', 'CSV'], index=1)
st.session_state.input_format = main_col.selectbox(label='Input format', options=['JSON', 'CSV'], index=1)

product_dropdowns(main_col)

main_col.button('Send to Morpheus', on_click=send_to_morpheus, type='primary',
disabled=is_running() or not st.session_state['data_ready'])
main_col.download_button('Save Morpheus Input', type='secondary', file_name='input.json',
Expand Down
1 change: 1 addition & 0 deletions utils/client_model.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ class Vuln(BaseModel):

class Scan(BaseModel):
vulns: list[Vuln]
product_ref: str


class InputRequest(BaseModel):
Expand Down
16 changes: 15 additions & 1 deletion utils/input_tools.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
import streamlit as st
import json
import os

from utils.client_model import SUPPORTED_LANGUAGES, Image, InputRequest, JsonSbomInfo, ManualSbomInfo, SbomPackage, Scan, SourceInfo, Vuln
from utils.sbom_tools import SbomInput
Expand Down Expand Up @@ -204,7 +206,7 @@ def build_input() -> InputRequest:
st.session_state['morpheus_waiting'] = True
input_format = st.session_state.input_format
cves = [cve.strip() for cve in cves_text.split(',')]
scan = Scan(vulns=[Vuln(vuln_id=cve) for cve in cves])
scan = Scan(vulns=[Vuln(vuln_id=cve) for cve in cves], product_ref=f"{st.session_state.product_name}-{st.session_state.product_version}")
input_data = InputRequest(
image=build_image_from_sbom(sbom, input_format), scan=scan)
return input_data
Expand All @@ -225,3 +227,15 @@ def print_input_data(col):
sbom.git_repo.languages)
else:
col.text('Load an SBOM to show the input data')

def product_dropdowns(col):
if 'products' not in st.session_state:
with open(os.path.join('./catalog', "products.json")) as products_file:
st.session_state.products = json.load(products_file)

if 'products' in st.session_state and len(st.session_state.products.keys()) > 0:
products = st.session_state.products
def __product_name(id: str) -> str:
return products[id]["name"]
st.session_state.product_name = col.selectbox(label='Product Name', options=products.keys(), index=0, format_func=__product_name)
st.session_state.product_version = col.selectbox(label='Version', options=products[st.session_state.product_name]["versions"], index=0)