show host name instead of guid in host scan notifications (#653)

* fix host name in vuln report for slack and html * fix host name in vuln report for slack and html * fix host name in vuln report for all other outputs as well. add some dummy string to understand which one is triggered * fix host name in vuln report for all other outputs as well. add some dummy string to understand which one is triggered * fix host name in host vuln report * fix some lint issues * fix some lint issues * fix some lint issues * fix some lint issues * fix some lint issues * fix some lint issues * revert changes in smtp file * override lint error
aquasecurity · Aug 20, 2024 · 22f8ccd · 22f8ccd
1 parent 147875d
commit 22f8ccd
Show file tree

Hide file tree

Showing 8 changed files with 42 additions and 18 deletions.
diff --git a/outputs/customsmtp/smtp.go b/outputs/customsmtp/smtp.go
@@ -193,6 +193,7 @@ func (c *Client) Auth(a Auth) error {
 	}
 	resp64 := make([]byte, encoding.EncodedLen(len(resp)))
 	encoding.Encode(resp64, resp)
+	//nolint:govet
 	code, msg64, err := c.cmd(0, strings.TrimSpace(fmt.Sprintf("AUTH %s %s", mech, resp64)))
 	for err == nil {
 		var msg []byte
@@ -219,6 +220,7 @@ func (c *Client) Auth(a Auth) error {
 		}
 		resp64 = make([]byte, encoding.EncodedLen(len(resp)))
 		encoding.Encode(resp64, resp)
+		//nolint:govet
 		code, msg64, err = c.cmd(0, string(resp64))
 	}
 	return err

diff --git a/rego-templates/swit-text.rego b/rego-templates/swit-text.rego
@@ -180,23 +180,27 @@ report_type := "function" if{
     input.entity_type == 2
 } else = "image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
+
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 
 ## url formats:
 ## function: <server_url>/#/functions/<registry>/<image>
 ## vm: <server_url>/#/infrastructure/<image>/node
 ## image: <server_url>/#/image/<registry>/<image>
-href := sprintf("%s%s/%s/%s", [server_url, "functions", urlquery.encode(input.registry), urlquery.encode(input.image)])  if{
+href := sprintf("%s%s/%s/%s", [server_url, "functions", urlquery.encode(input.registry), urlquery.encode(reportEntityName)])  if{
     report_type == "function"
-} else = sprintf("%s%s/%s/%s", [server_url, "infrastructure", urlquery.encode(input.image), "node"]){
+} else = sprintf("%s%s/%s/%s", [server_url, "infrastructure", urlquery.encode(reportEntityName), "node"]){
     report_type == "vm"
-} else = sprintf("%s%s/%s/%s", [server_url, "image", urlquery.encode(input.registry), urlquery.encode(input.image)])
+} else = sprintf("%s%s/%s/%s", [server_url, "image", urlquery.encode(input.registry), urlquery.encode(reportEntityName)])
 
-text :=  sprintf("%s%s/%s/%s", [server_url, "functions", input.registry, input.image]) if{
+text :=  sprintf("%s%s/%s/%s", [server_url, "functions", input.registry, reportEntityName]) if{
     report_type == "function"
-} else = sprintf("%s%s/%s/%s", [server_url, "infrastructure", input.image, "node"]) {
+} else = sprintf("%s%s/%s/%s", [server_url, "infrastructure", reportEntityName, "node"]) {
     report_type == "vm"
-} else = sprintf("%s%s/%s/%s", [server_url, report_type, input.registry, input.image])
+} else = sprintf("%s%s/%s/%s", [server_url, report_type, input.registry, reportEntityName])
 
 url := by_flag("", href, server_url == "")
 

diff --git a/rego-templates/vuls-email.rego b/rego-templates/vuls-email.rego
@@ -341,7 +341,11 @@ report_type := "Function" if{
     input.entity_type == 2
 } else = "Image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
+
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 
 aggregation_pkg := "postee.vuls.html.aggregation"
 
@@ -355,7 +359,7 @@ result = msg {
         style,
         logo,
         report_type,
-        input.image,
+        reportEntityName,
         by_flag( # Malware found
             "Yes",
             "No",

diff --git a/rego-templates/vuls-html.rego b/rego-templates/vuls-html.rego
@@ -172,14 +172,18 @@ report_type := "Function" if{
     input.entity_type == 2
 } else = "Image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
+
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 
 aggregation_pkg := "postee.vuls.html.aggregation"
 result = msg {
 
     msg := sprintf(tpl, [
     report_type,
-    input.image,
+    reportEntityName,
     input.registry,
 	by_flag(
      sprintf("%s is non-compliant", [report_type]),

diff --git a/rego-templates/vuls-jira.rego b/rego-templates/vuls-jira.rego
@@ -13,8 +13,11 @@ report_type := "Function" if{
     input.entity_type == 2
 } else = "Image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
 
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 tpl:=`
 *%s name:* %s
 *Registry:* %s
@@ -51,7 +54,7 @@ assurance_controls(inp) = l {
 result = msg {
     msg := sprintf(tpl, [
     report_type,
-    input.image,
+    reportEntityName,
     input.registry,
 	by_flag(
      sprintf("%s is _*non-compliant*_", [report_type]),

diff --git a/rego-templates/vuls-servicenow.rego b/rego-templates/vuls-servicenow.rego
@@ -195,8 +195,11 @@ report_type := "Function" if{
     input.entity_type == 2
 } else = "Image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
 
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 # some vulnerability_summary fields may not exist
 default vulnerability_summary_critical := 0
 vulnerability_summary_critical := input.vulnerability_summary.critical
@@ -215,7 +218,7 @@ aggregation_pkg := "postee.vuls.html.aggregation"
 result = msg {
 
     msg := sprintf(html_tpl, [
-    input.image,
+    reportEntityName,
     input.registry,
 	by_flag(
      "Yes",

diff --git a/rego-templates/vuls-slack.rego b/rego-templates/vuls-slack.rego
@@ -125,7 +125,11 @@ report_type := "Function" if{
     input.entity_type == 2
 } else = "Image"
 
-title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, input.image])
+reportEntityName := input.host_info.logical_name if {
+    report_type == "VM"
+} else = input.image
+
+title = sprintf(`Aqua security | %s | %s | Scan report`, [report_type, reportEntityName])
 
 aggregation_pkg := "postee.vuls.slack.aggregation"
 
@@ -150,7 +154,7 @@ result = res {
     ])
 
 
-	headers1 := [{"type":"section","text":{"type":"mrkdwn","text":sprintf("%s name: %s", [report_type ,input.image])}},
+	headers1 := [{"type":"section","text":{"type":"mrkdwn","text":sprintf("%s name: %s", [report_type ,reportEntityName])}},
     			{"type":"section","text":{"type":"mrkdwn","text":sprintf("Registry: %s", [input.registry])}},
     			{"type":"section","text":{"type":"mrkdwn","text": by_flag(
                                                                         sprintf("%s is non-compliant", [report_type]),

diff --git a/regoservice/eval.go b/regoservice/eval.go
@@ -138,7 +138,7 @@ func getFirstElement(context map[string]interface{}, key string) interface{} {
 func asStringOrJson(data map[string]interface{}, prop string) (string, error) {
 	expr, ok := data[prop]
 	if !ok {
-		return "", fmt.Errorf(fmt.Sprintf("property '%s' is not found", prop))
+		return "", fmt.Errorf("property '%s' is not found", prop)
 	}
 	switch v := expr.(type) {
 	case string: