✨ implement google cloud artifact scan (#9338)

* ✨ implement google cloud artifact scan, #8552 * fix unittest * docs update
DefectDojo · Jan 19, 2024 · acfe7ef · acfe7ef
1 parent 11552ef
commit acfe7ef
Show file tree

Hide file tree

Showing 5 changed files with 602 additions and 0 deletions.
diff --git a/docs/content/en/integrations/parsers/file/gcloud_artifact_scan.md b/docs/content/en/integrations/parsers/file/gcloud_artifact_scan.md
@@ -0,0 +1,12 @@
+---
+title: "Google Cloud Artifact Vulnerability Scan"
+toc_hide: true
+---
+Google Cloud has a Artifact Registry that you can enable security scans https://cloud.google.com/artifact-registry/docs/analysis
+Once a scan is completed, results can be pulled via API/gcloud https://cloud.google.com/artifact-analysis/docs/metadata-storage and exported to JSON
+
+### File Types
+DefectDojo parser accepts Google Cloud Artifact Vulnerability Scan data as a .json file.
+
+### Sample Scan Data
+Sample reports can be found at https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gcloud_artifact_scan
diff --git a/dojo/tools/gcloud_artifact_scan/__init__.py b/dojo/tools/gcloud_artifact_scan/__init__.py
@@ -0,0 +1 @@
+__author__ = "manuel_sommer"
diff --git a/dojo/tools/gcloud_artifact_scan/parser.py b/dojo/tools/gcloud_artifact_scan/parser.py
@@ -0,0 +1,55 @@
+import json
+from dojo.models import Finding
+
+
+class GCloudArtifactScanParser(object):
+    def get_scan_types(self):
+        return ["Google Cloud Artifact Vulnerability Scan"]
+
+    def get_label_for_scan_types(self, scan_type):
+        return scan_type  # no custom label for now
+
+    def get_description_for_scan_types(self, scan_type):
+        return "Import Google Cloud Artifact Vulnerability scans in JSON format."
+
+    def parse_json(self, json_output):
+        try:
+            data = json_output.read()
+            try:
+                tree = json.loads(str(data, "utf-8"))
+            except Exception:
+                tree = json.loads(data)
+        except Exception:
+            raise ValueError("Invalid format")
+        return tree
+
+    def get_findings(self, json_output, test):
+        findings = []
+        if json_output is None:
+            return findings
+        tree = self.parse_json(json_output)
+        if tree:
+            for severity in tree["package_vulnerability_summary"]["vulnerabilities"]:
+                for vuln in tree["package_vulnerability_summary"]["vulnerabilities"][severity]:
+                    description = "name: " + str(vuln["name"]) + "\n\n"
+                    description += "resourceUri: " + str(vuln["resourceUri"]) + "\n"
+                    description += "fixAvailable: " + str(vuln["vulnerability"]["fixAvailable"]) + "\n"
+                    description += "packageIssue: " + str(vuln["vulnerability"]["packageIssue"]) + "\n"
+                    description += "CVE: " + str(vuln["vulnerability"]["shortDescription"]) + "\n"
+                    reference = ""
+                    for ref in vuln["vulnerability"]["relatedUrls"]:
+                        reference += ref["url"] + "\n"
+                    finding = Finding(
+                        title=vuln["noteName"],
+                        test=test,
+                        description=description,
+                        severity=severity.lower().capitalize(),
+                        references=reference,
+                        component_name="affectedCPEUri: " + vuln["vulnerability"]["packageIssue"][0]["affectedCpeUri"] + " affectedPackage: " + vuln["vulnerability"]["packageIssue"][0]["affectedPackage"],
+                        component_version=vuln["vulnerability"]["packageIssue"][0]["affectedVersion"]["fullName"],
+                        static_finding=True,
+                        dynamic_finding=False,
+                        cvssv3_score=vuln["vulnerability"]["cvssScore"]
+                    )
+                    findings.append(finding)
+        return findings