feat: support infra checks (#26)

* feat: support infra checks Signed-off-by: chenk <[email protected]> * release: update v0.1.0 Signed-off-by: chenk <[email protected]> Signed-off-by: chenk <[email protected]>
aquasecurity · Nov 8, 2022 · 1063da3 · 1063da3
1 parent b6d7506
commit 1063da3
Show file tree

Hide file tree

Showing 12 changed files with 463 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -30,6 +30,8 @@ The following matrix indicates versions of this extension and compatible Lens re
 | 4.0  | [0.0.5](https://github.com/aquasecurity/trivy-operator-lens-extension/releases/tag/v0.0.5) |
 | 5.0  | [0.0.5](https://github.com/aquasecurity/trivy-operator-lens-extension/releases/tag/v0.0.5) |
 | 6.0  | [0.0.6](https://github.com/aquasecurity/trivy-operator-lens-extension/releases/tag/v0.0.6) |
+| 6.0  | [0.1.0](https://github.com/aquasecurity/trivy-operator-lens-extension/releases/tag/v0.1.0) |
+
 
 ### From the Binary Releases
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@aquasecurity/trivy-operator-lens-extension",
   "publisher": "aquasecurity.github.io",
-  "version": "0.0.6",
+  "version": "0.1.0",
   "description": "Lens extension for viewing trivy-operator security information",
   "homepage": "https://github.com/aquasecurity/trivy-operator-lens-extension",
   "repository": {

diff --git a/renderer.tsx b/renderer.tsx
@@ -22,13 +22,17 @@ import {WorkloadExposedSecretReports} from "./src/workloads/exposedsecretreports
 import {ExposedSecretReport} from "./src/exposedsecretreports/types";
 import {ExposedSecretReportDetails, ExposedSecretReportDetailsProps} from "./src/exposedsecretreports/details";
 import {ClusterRbacAssessmentReportPage, RbacAssessmentReportPage} from "./src/rbacassessmentreports/page";
-import {ClusterRbacAssessmentReport, RbacAssessmentReport} from "./src/rbacassessmentreports/types";
+import { ClusterRbacAssessmentReport, RbacAssessmentReport } from "./src/rbacassessmentreports/types";
+import {InfraAssessmentReport } from "./src/infraassessmentreports/types";
 import {
     ClusterRbacAssessmentReportDetailsProps,
     RbacAssessmentReportDetailsProps
 } from "./src/rbacassessmentreports/details";
+import {InfraAssessmentReportDetails, InfraAssessmentReportDetailsProps} from "./src/infraassessmentreports/details";
 import {WorkloadRbacAssessmentReports} from "./src/workloads/rbacassessmentreport";
 import {WorkloadClusterRbacAssessmentReports} from "./src/workloads/rbacassessmentreport";
+import {WorkloadInfraAssessmentReports} from "./src/workloads/infraassessmentreport";
+import {InfraAssessmentReportPage} from "./src/infraassessmentreports/page";
 
 export function CertificateIcon(props: Renderer.Component.IconProps) {
     return <Renderer.Component.Icon {...props} material="security"/>
@@ -72,6 +76,12 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
             components: {
                 Page: () => <ClusterRbacAssessmentReportPage extension={this}/>,
             }
+        },
+        {
+            id: "infraassessmentreports",
+            components: {
+                Page: () => <InfraAssessmentReportPage extension={this}/>,
+            }
         }
     ]
 
@@ -143,6 +153,8 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                     <React.Fragment>
                         <WorkloadConfigAuditReports {...props} />
                         <WorkloadVulnerabilityReports {...props}/>
+                        <WorkloadExposedSecretReports {...props}/>
+                        <WorkloadInfraAssessmentReports {...props}/>
                     </React.Fragment>
             }
         },
@@ -156,6 +168,7 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                         <WorkloadConfigAuditReports {...props} />
                         <WorkloadVulnerabilityReports {...props}/>
                         <WorkloadExposedSecretReports {...props}/>
+                        <WorkloadInfraAssessmentReports {...props}/>
                     </React.Fragment>
             }
         },
@@ -169,6 +182,7 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                         <WorkloadConfigAuditReports {...props} />
                         <WorkloadVulnerabilityReports {...props}/>
                         <WorkloadExposedSecretReports {...props}/>
+                        <WorkloadInfraAssessmentReports {...props}/>
                     </React.Fragment>
             }
         },
@@ -182,6 +196,7 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                         <WorkloadConfigAuditReports {...props} />
                         <WorkloadVulnerabilityReports {...props}/>
                         <WorkloadExposedSecretReports {...props}/>
+                        <WorkloadInfraAssessmentReports {...props}/>
                     </React.Fragment>
             }
         },
@@ -195,6 +210,7 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                         <WorkloadConfigAuditReports {...props} />
                         <WorkloadVulnerabilityReports {...props}/>
                         <WorkloadExposedSecretReports {...props}/>
+                        <WorkloadInfraAssessmentReports {...props}/>
                     </React.Fragment>
             }
         },
@@ -260,6 +276,14 @@ export default class trivyOperatorExtension extends Renderer.LensExtension {
                     showObjectMeta {...props} />
             }
         },
+        {
+            kind: InfraAssessmentReport.kind,
+            apiVersions: [TRIVY_OPERATOR_API_VERSION],
+            components: {
+                Details: (props: InfraAssessmentReportDetailsProps) => <InfraAssessmentReportDetails
+                    showObjectMeta {...props} />
+            }
+        },
         {
             kind: ClusterRbacAssessmentReport.kind,
             apiVersions: [TRIVY_OPERATOR_API_VERSION],

diff --git a/src/infraassessmentreports/checks-list.scss b/src/infraassessmentreports/checks-list.scss
@@ -0,0 +1,81 @@
+.ChecksList {
+
+  .Table {
+    margin-top: 24px;
+    margin-left: -24px;
+    margin-right: -24px;
+  }
+
+  .Table.virtual {
+    height: 500px;
+
+    .VirtualList {
+      height: 100%;
+    }
+  }
+
+  .Table {
+    .TableCell {
+      &.checkID {
+        text-align: left;
+        flex-grow: 0.15;
+      }
+      &.severity {
+        text-align: center;
+        flex-grow: 0.1;
+      }
+      &.message {
+        text-align: left;
+        flex-grow: 0.65;
+      }
+
+      &.status {
+        text-align: center;
+        flex-grow: 0.1;
+      }
+
+      .Badge {
+        &.severity-CRITICAL {
+          color: white;
+          background-color: #cc1814;
+        }
+
+        &.severity-danger {
+          color: white;
+          background-color: #cc1814;
+        }
+
+        &.severity-HIGH {
+          color: white;
+          background-color: #ffa500;
+        }
+
+        &.severity-warning {
+          color: white;
+          background-color: #ffa500;
+        }
+
+        &.severity-MEDIUM {
+          color: white;
+          background-color: #f0c20c;
+        }
+
+        &.severity-LOW {
+          color: white;
+          background-color: #096ab0;
+        }
+
+        &.status-PASS {
+          color: white;
+          background-color: #00b09b;
+        }
+
+        &.status-FAIL {
+          color: white;
+          background-color: #cc1814;
+        }
+      }
+    }
+  }
+
+}
diff --git a/src/infraassessmentreports/checks-list.tsx b/src/infraassessmentreports/checks-list.tsx
@@ -0,0 +1,96 @@
+import "./checks-list.scss";
+import React from "react";
+import {Renderer} from "@k8slens/extensions";
+import {Check} from "./types";
+
+const {
+    Component: {
+        Table,
+        TableHead,
+        TableRow,
+        TableCell,
+        Badge,
+    }
+} = Renderer;
+
+interface Props {
+    checks: Check[];
+}
+
+const severityOrder = new Map([
+    ["CRITICAL", 0],
+    ["HIGH", 1],
+    ["MEDIUM", 3],
+    ["LOW", 5],
+])
+
+const BySeverity = (v1: Check, v2: Check) => {
+    return severityOrder.get(v1.severity) - severityOrder.get(v2.severity)
+}
+
+export class ChecksList extends React.Component<Props> {
+
+    getMessage = (check: Check) => {
+        if (check.message !== undefined && check.message !== "") {
+            return check.message
+        }
+        return check.description
+    }
+
+    getTableRow = (uid: string) => {
+        const {checks} = this.props;
+        const check = checks.find(item => item.checkID == uid);
+        let status = 'PASS'
+        if (!check.success) {
+            status = 'FAIL'
+        }
+        return (
+            <TableRow key={check.checkID} nowrap>
+                <TableCell className="checkID">
+                    <Badge flat expandable={false} label={check.checkID} tooltip={check.checkID}/>
+                </TableCell>
+                <TableCell className="severity">
+                    <Badge className={"Badge severity-" + check.severity} small label={check.severity}/>
+                </TableCell>
+                <TableCell className="message">
+                    <Badge flat expandable={false} label={this.getMessage(check)} tooltip={this.getMessage(check)}/>
+                </TableCell>
+                <TableCell className="status">
+                    <Badge className={"Badge status-" + status} small label={status}/>
+                </TableCell>
+            </TableRow>
+        )
+    }
+
+    render() {
+        const {checks} = this.props
+        if (!checks || !checks.length) {
+            return null;
+        }
+
+        const virtual = checks.length > 50;
+        const sorted = checks.sort(BySeverity)
+
+        return (
+            <div className="ChecksList flex column">
+                <Table className="box grow"
+                       tableId="infraassessmentChecksTable"
+                       selectable
+                       virtual={virtual}
+                       items={sorted}
+                       getTableRow={this.getTableRow}
+                >
+                    <TableHead>
+                        <TableCell className="checkID">ID</TableCell>
+                        <TableCell className="severity">Severity</TableCell>
+                        <TableCell className="message">Message</TableCell>
+                        <TableCell className="status">Status</TableCell>
+                    </TableHead>
+                    {
+                        !virtual && sorted.map((check: Check) => this.getTableRow(check.getId()))
+                    }
+                </Table>
+            </div>
+        )
+    }
+}
diff --git a/src/infraassessmentreports/details.scss b/src/infraassessmentreports/details.scss
@@ -0,0 +1,30 @@
+.InfraAssessmentReportDetails {
+  .summary {
+    .Badge {
+      &.theme-critical {
+        color: white;
+        background-color: #cc1814;
+      }
+
+      &.theme-high {
+        color: white;
+        background-color: #ffa500;
+      }
+
+      &.theme-medium {
+        color: white;
+        background-color: #f0c20c;
+      }
+
+      &.theme-low {
+        color: white;
+        background-color: #096ab0;
+      }
+
+      &.theme-negligible {
+        color: white;
+        background-color: #00b09b;
+      }
+    }
+  }
+}