Sort images by vulnerabilities count
Signed-off-by: Rokibul Hasan <[email protected]>
RokibulHasan7 committed Mar 18, 2024
1 parent 9e52bcf commit 0a3648d
Showing 1 changed file with 13 additions and 3 deletions.
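--- a/pkg/registry/scanner/reports/storage.go
+++ b/pkg/registry/scanner/reports/storage.go
@@ -299,7 +299,7 @@ func GenerateReports(images map[string]kmapi.ImageInfo, results map[string]resul
 }
 
 return &reportsapi.CVEReportResponse{
-Images: sortImageInfosByImageName(imginfos),
+Images: sortImageInfosByVulnerabilities(imginfos),
 Vulnerabilities: reportsapi.VulnerabilityInfo{
 Stats: getVulnerabilityStats(totalOccurrence, vuls),
 CVEs: getCVEsFromVulnerabilityInfoMap(vuls),
@@ -412,17 +412,27 @@ func getVulnerabilityStats(totalOccurrence map[string]int, vuls map[string]trivy
 return stats
 }
 
-func sortImageInfosByImageName(imginfos map[string]reportsapi.ImageInfo) []reportsapi.ImageInfo {
+func sortImageInfosByVulnerabilities(imginfos map[string]reportsapi.ImageInfo) []reportsapi.ImageInfo {
 images := make([]reportsapi.ImageInfo, 0, len(imginfos))
 for _, ii := range imginfos {
 images = append(images, ii)
 }
 sort.Slice(images, func(i, j int) bool {
-return images[i].Image.Name < images[j].Image.Name
+return calculateVulnerabilities(images[i].Stats) < calculateVulnerabilities(images[j].Stats)
 })
 return images
 }
 
+func calculateVulnerabilities(stats map[string]reportsapi.RiskStats) int {
+count := 0
+for _, key := range []string{"HIGH", "LOW", "MEDIUM", "CRITICAL", "UNKNOWN"} {
+if val, ok := stats[key]; ok {
+count += val.Count
+}
+}
+return count
+}
+
 func getCVEsFromVulnerabilityInfoMap(vuls map[string]trivy.VulnerabilityInfo) []trivy.VulnerabilityInfo {
 cves := make([]trivy.VulnerabilityInfo, 0, len(vuls))
 for _, vul := range vuls {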
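Review bot: The new comparator in `sortImageInfosByVulnerabilities` has no tie-break, so images with equal totals keep whatever order the map iteration produced (`sort.Slice` is not stable), and the `Images` list in the CVE report can differ between calls over identical scan data. Falling back to `Image.Name`, the key the previous code sorted on, would make the order reproducible, which matters when reports are diffed or paged. The order is also ascending, so the images with the fewest findings lead the list; if the report is meant for triage, confirm that direction is intended. `calculateVulnerabilities` counts every severity equally and silently skips any key outside its five literal strings, so a doc comment stating both would help; an image with one CRITICAL finding currently sorts the same as one with a single LOW.

```go
sort.Slice(images, func(i, j int) bool {
	ci := calculateVulnerabilities(images[i].Stats)
	cj := calculateVulnerabilities(images[j].Stats)
	if ci != cj {
		return ci < cj
	}
	// Equal totals: fall back to the name so the order does not depend on map iteration.
	return images[i].Image.Name < images[j].Image.Name
})
```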
