🎉 All Trivy Operator findings in one json (#11252)

* 🎉 All Trivy Operator findings in one json * ruff * sboms are not covered here * if only sboms are present, skip all
DefectDojo · Nov 15, 2024 · 2becdb9 · 2becdb9
1 parent cdf7b82
commit 2becdb9
Show file tree

Hide file tree

Showing 3 changed files with 685 additions and 1 deletion.
diff --git a/dojo/tools/trivy_operator/parser.py b/dojo/tools/trivy_operator/parser.py
@@ -20,7 +20,6 @@ def get_description_for_scan_types(self, scan_type):
 
     def get_findings(self, scan_file, test):
         scan_data = scan_file.read()
-
         try:
             data = json.loads(str(scan_data, "utf-8"))
         except Exception:
@@ -29,6 +28,11 @@ def get_findings(self, scan_file, test):
         if type(data) is list:
             for listitems in data:
                 findings += self.output_findings(listitems, test)
+        elif type(data) is dict and bool(set(data.keys()) & {"clustercompliancereports.aquasecurity.github.io", "clusterconfigauditreports.aquasecurity.github.io", "clusterinfraassessmentreports.aquasecurity.github.io", "clusterrbacassessmentreports.aquasecurity.github.io", "configauditreports.aquasecurity.github.io", "exposedsecretreports.aquasecurity.github.io", "infraassessmentreports.aquasecurity.github.io", "rbacassessmentreports.aquasecurity.github.io", "vulnerabilityreports.aquasecurity.github.io"}):
+            for datakey in list(data.keys()):
+                if datakey not in ["clustersbomreports.aquasecurity.github.io", "sbomreports.aquasecurity.github.io"]:
+                    for listitems in (data[datakey]):
+                        findings += self.output_findings(listitems, test)
         else:
             findings += self.output_findings(data, test)
         return findings