Fixes to support packages list at the end of a scan

Signed-off-by: Christian Zunker <[email protected]>
mondoohq · Dec 4, 2023 · 8b2fecb · 8b2fecb
1 parent 2c026c4
commit 8b2fecb
Show file tree

Hide file tree

Showing 5 changed files with 164 additions and 29 deletions.
diff --git a/providers-sdk/v1/upstream/gql/conversion.go b/providers-sdk/v1/upstream/gql/conversion.go
@@ -0,0 +1,87 @@
+package gql
+
+import "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/mvd"
+
+func ConvertToMvdVulnReport(vulnReport *VulnReport) *mvd.VulnReport {
+	if vulnReport == nil {
+		return nil
+	}
+	mvdVulnReport := &mvd.VulnReport{
+		Stats: &mvd.ReportStats{},
+	}
+	mvdVulnReport.Advisories = make([]*mvd.Advisory, len(vulnReport.Advisories))
+	for i, advisory := range vulnReport.Advisories {
+		mvdAdvisory := &mvd.Advisory{
+			ID:          advisory.Id,
+			Title:       advisory.Title,
+			Description: advisory.Description,
+			Fixed:       []*mvd.Package{},
+			Affected:    []*mvd.Package{},
+			Score:       int32(advisory.CvssScore.Value),
+		}
+		for _, fixed := range advisory.FixedByPackages {
+			mvdAdvisory.Fixed = append(mvdAdvisory.Fixed, &mvd.Package{
+				Name:      fixed.Name,
+				Version:   fixed.Version,
+				Available: fixed.Available,
+			})
+		}
+		for _, affected := range advisory.AffectedPackages {
+			mvdAdvisory.Affected = append(mvdAdvisory.Affected, &mvd.Package{
+				Name:      affected.Name,
+				Version:   affected.Version,
+				Available: affected.Available,
+				Affected:  true,
+				Score:     int32(affected.Score.Value),
+			})
+		}
+		mvdVulnReport.Advisories[i] = mvdAdvisory
+	}
+	mvdVulnReport.Packages = make([]*mvd.Package, len(vulnReport.Packages))
+	for i, pkg := range vulnReport.Packages {
+		mvdVulnReport.Packages[i] = &mvd.Package{
+			Name:      pkg.Name,
+			Version:   pkg.Version,
+			Available: pkg.Available,
+			Affected:  true,
+			Score:     int32(pkg.Score.Value),
+		}
+	}
+
+	if vulnReport.Stats != nil {
+		mvdVulnReport.Stats = &mvd.ReportStats{
+			Score: int32(vulnReport.Stats.Score.Value),
+			Advisories: &mvd.ReportStatsAdvisories{
+				Total:    int32(vulnReport.Stats.Advisories.Total),
+				Critical: int32(vulnReport.Stats.Advisories.Critical),
+				High:     int32(vulnReport.Stats.Advisories.High),
+				Medium:   int32(vulnReport.Stats.Advisories.Medium),
+				Low:      int32(vulnReport.Stats.Advisories.Low),
+				None:     int32(vulnReport.Stats.Advisories.None),
+				Unknown:  int32(vulnReport.Stats.Advisories.Unknown),
+			},
+			Cves: &mvd.ReportStatsCves{
+				Total:    int32(vulnReport.Stats.Cves.Total),
+				Critical: int32(vulnReport.Stats.Cves.Critical),
+				High:     int32(vulnReport.Stats.Cves.High),
+				Medium:   int32(vulnReport.Stats.Cves.Medium),
+				Low:      int32(vulnReport.Stats.Cves.Low),
+				None:     int32(vulnReport.Stats.Cves.None),
+				Unknown:  int32(vulnReport.Stats.Cves.Unknown),
+			},
+			Packages: &mvd.ReportStatsPackages{
+				Total:    int32(vulnReport.Stats.Packages.Total),
+				Affected: int32(vulnReport.Stats.Packages.Affected),
+				Critical: int32(vulnReport.Stats.Packages.Critical),
+				High:     int32(vulnReport.Stats.Packages.High),
+				Medium:   int32(vulnReport.Stats.Packages.Medium),
+				Low:      int32(vulnReport.Stats.Packages.Low),
+				None:     int32(vulnReport.Stats.Packages.None),
+				Unknown:  int32(vulnReport.Stats.Packages.Unknown),
+			},
+			Exploits: &mvd.ReportStatsExploits{},
+		}
+	}
+
+	return mvdVulnReport
+}
diff --git a/providers-sdk/v1/upstream/gql/vulnmgmt_gql.go b/providers-sdk/v1/upstream/gql/vulnmgmt_gql.go
@@ -26,6 +26,48 @@ type VulnReport struct {
 	Advisories []*Advisory
 	Cves       []*Cve
 	Packages   []*Package
+	Stats      *ReportStats
+}
+
+type ReportStats struct {
+	Score struct {
+		Id     string
+		Value  int
+		Type   int
+		Vector string
+		Source string
+	}
+	Cves struct {
+		Total    int
+		Critical int
+		High     int
+		Medium   int
+		Low      int
+		None     int
+		Unknown  int
+	}
+	Packages struct {
+		Total    int
+		Affected int
+		Critical int
+		High     int
+		Medium   int
+		Low      int
+		None     int
+		Unknown  int
+	}
+	Advisories struct {
+		Total    int
+		Critical int
+		High     int
+		Medium   int
+		Low      int
+		None     int
+		Unknown  int
+	}
+	Exploits struct {
+		Total int
+	}
 }
 
 type Cve struct {
@@ -79,9 +121,15 @@ type Advisory struct {
 		Vector string
 		Source string
 	}
-	Vendorscore int
-	PublishedAt string
-	ModifiedAt  string
+	Vendorscore      int
+	PublishedAt      string
+	ModifiedAt       string
+	AffectedPackages []struct {
+		Package
+	}
+	FixedByPackages []struct {
+		Package
+	}
 }
 
 type Package struct {
@@ -104,17 +152,10 @@ type Package struct {
 		Vector string
 		Source string
 	}
-
-	Advisories []struct {
-		Advisory
-	}
-	Cves []struct {
-		Cve
-	}
 }
 
-// GetVulnReport fetches the vuln report for a given asset
-func (c *MondooClient) GetVulnReport(mrn string) (*VulnReport, error) {
+// GetVulnCompactReport fetches the compact vuln report for a given asset
+func (c *MondooClient) GetVulnCompactReport(mrn string) (*VulnReport, error) {
 	var m struct {
 		AssetVulnerabilityReportResponse struct {
 			AssetVulnerabilityCompactReport struct {
@@ -128,6 +169,7 @@ func (c *MondooClient) GetVulnReport(mrn string) (*VulnReport, error) {
 				Packages []struct {
 					Package
 				}
+				Stats ReportStats
 			} `graphql:"... on AssetVulnerabilityCompactReport"`
 		} `graphql:"assetVulnerabilityCompactReport(input: $input)"`
 	}
@@ -141,18 +183,22 @@ func (c *MondooClient) GetVulnReport(mrn string) (*VulnReport, error) {
 		Advisories: make([]*Advisory, len(m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Advisories)),
 		Cves:       make([]*Cve, len(m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Cves)),
 		Packages:   make([]*Package, len(m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Packages)),
+		Stats:      &m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Stats,
 	}
 
-	for i, a := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Advisories {
-		gqlVulnReport.Advisories[i] = &a.Advisory
+	for i := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Advisories {
+		advisory := m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Advisories[i].Advisory
+		gqlVulnReport.Advisories[i] = &advisory
 	}
 
-	for i, c := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Cves {
-		gqlVulnReport.Cves[i] = &c.Cve
+	for i := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Cves {
+		cve := m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Cves[i].Cve
+		gqlVulnReport.Cves[i] = &cve
 	}
 
-	for i, p := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Packages {
-		gqlVulnReport.Packages[i] = &p.Package
+	for i := range m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Packages {
+		pkg := m.AssetVulnerabilityReportResponse.AssetVulnerabilityCompactReport.Packages[i].Package
+		gqlVulnReport.Packages[i] = &pkg
 	}
 
 	return gqlVulnReport, nil
@@ -192,16 +238,19 @@ func (c *MondooClient) GetIncognitoVulnReport(platform mondoogql.PlatformInput,
 		Packages:   make([]*Package, len(m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Packages)),
 	}
 
-	for i, a := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Advisories {
-		gqlVulnReport.Advisories[i] = &a.Advisory
+	for i := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Advisories {
+		advisory := m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Advisories[i].Advisory
+		gqlVulnReport.Advisories[i] = &advisory
 	}
 
-	for i, c := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Cves {
-		gqlVulnReport.Cves[i] = &c.Cve
+	for i := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Cves {
+		cve := m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Cves[i].Cve
+		gqlVulnReport.Cves[i] = &cve
 	}
 
-	for i, p := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Packages {
-		gqlVulnReport.Packages[i] = &p.Package
+	for i := range m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Packages {
+		pkg := m.AssetVulnerabilityReportResponse.AssetIncognitoVulnerabilityReport.Packages[i].Package
+		gqlVulnReport.Packages[i] = &pkg
 	}
 
 	return gqlVulnReport, nil

diff --git a/providers-sdk/v1/upstream/mvd/mvd.pb.go b/providers-sdk/v1/upstream/mvd/mvd.pb.go
diff --git a/providers-sdk/v1/upstream/mvd/mvd.proto b/providers-sdk/v1/upstream/mvd/mvd.proto
@@ -8,7 +8,7 @@ package mondoo.mvd.v1;
 import "cvss/cvss.proto";
 
 option go_package = 
-  "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/mvde/mvd";
+  "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream/mvd/mvd";
 
 message Platform {
   string name = 1;

diff --git a/providers/os/resources/vulnmgmt.go b/providers/os/resources/vulnmgmt.go
@@ -170,8 +170,7 @@ func (v *mqlVulnmgmt) getReport() (*gql.VulnReport, error) {
 		log.Debug().Msg("no asset mrn available")
 		return v.getIncognitoReport(mondooClient)
 	}
-	// gqlVulnReport, err := GetVulnReport("//assets.api.mondoo.app/spaces/test-infallible-taussig-796596/assets/2YTpHJnJXnfmuBtQde2HQgWqX1n")
-	gqlVulnReport, err := mondooClient.GetVulnReport(v.MqlRuntime.Upstream.AssetMrn)
+	gqlVulnReport, err := mondooClient.GetVulnCompactReport(v.MqlRuntime.Upstream.AssetMrn)
 	if err != nil {
 		return nil, err
 	}