From 8e1cce03c866a51c4b2cb09380d93535d0060a94 Mon Sep 17 00:00:00 2001 From: Firas AlShafei Date: Tue, 16 Apr 2024 10:41:50 -0500 Subject: [PATCH] feat: add html template (#1806) - responsive template using datatables.js - filtering option - pdf export option Signed-off-by: Firas AlShafei --- templates/README.md | 22 ++ templates/html.tmpl | 595 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 617 insertions(+) create mode 100644 templates/html.tmpl diff --git a/templates/README.md b/templates/README.md index a9f521af..80e8097b 100644 --- a/templates/README.md +++ b/templates/README.md @@ -9,6 +9,9 @@ Current templates:
 .
 ├── README.md
+├── html.tmpl
+├── junit.tmpl
+├── csv.tmpl
 └── table.tmpl
 
@@ -21,3 +24,22 @@ This template mimics the "default" table output of Grype, there are some drawbac - no (wont-fix) logic As you can see from the above list, it's not perfect but it's a start. + +## HTML + +Produces a nice html template with a dynamic table using datatables.js. + +You can also modify the templating filter to limit the output to a subset. + +Default includes all + +``` + {{- if or (eq $vuln.Vulnerability.Severity "Critical") (eq $vuln.Vulnerability.Severity "High") (eq $vuln.Vulnerability.Severity "Medium") (eq $vuln.Vulnerability.Severity "Low") (eq $vuln.Vulnerability.Severity "Unknown") }} +``` + +We can limit it to only Critical, High, and Medium by editing the filter as follows + +``` + {{- if or (eq $vuln.Vulnerability.Severity "Critical") (eq $vuln.Vulnerability.Severity "High") (eq $vuln.Vulnerability.Severity "Medium") }} +``` + diff --git a/templates/html.tmpl b/templates/html.tmpl new file mode 100644 index 00000000..4c2cd020 --- /dev/null +++ b/templates/html.tmpl @@ -0,0 +1,595 @@ + + + + + + Vulnerability Report + + + + + + + + + + + + + + + + + + + + + + + + + + + +{{/* Initialize counters */}} +{{- $CountCritical := 0 }} +{{- $CountHigh := 0 }} +{{- $CountMedium := 0 }} +{{- $CountLow := 0}} +{{- $CountUnknown := 0 }} + +{{/* Create a list */}} +{{- $FilteredMatches := list }} + +{{/* Loop through all vulns limit output and set count*/}} +{{- range $vuln := .Matches }} + {{/* Use this filter to exclude severity if needed */}} + {{- if or (eq $vuln.Vulnerability.Severity "Critical") (eq $vuln.Vulnerability.Severity "High") (eq $vuln.Vulnerability.Severity "Medium") (eq $vuln.Vulnerability.Severity "Low") (eq $vuln.Vulnerability.Severity "Unknown") }} + {{- $FilteredMatches = append $FilteredMatches $vuln }} + {{- if eq $vuln.Vulnerability.Severity "Critical" }} + {{- $CountCritical = add $CountCritical 1 }} + {{- else if eq $vuln.Vulnerability.Severity "High" }} + {{- $CountHigh = add $CountHigh 1 }} + {{- else if eq $vuln.Vulnerability.Severity "Medium" }} + {{- $CountMedium = add $CountMedium 1 }} + {{- else if eq $vuln.Vulnerability.Severity "Low" }} + {{- $CountLow = add $CountLow 1 }} + {{- else }} + {{- $CountUnknown = add $CountUnknown 1 }} + {{- end }} + {{- end }} +{{- end }} + + +
+
+
+

Container Vulnerability Report

+

Name: {{- if eq (.Source.Type) "image" -}} {{.Source.Target.UserInput}} + {{- else if eq (.Source.Type) "directory" -}} {{.Source.Target}} + {{- else if eq (.Source.Type) "file" -}} {{.Source.Target}} + {{- else -}} unknown + {{- end -}}

+

Type: {{ .Source.Type }}

+

Date: {{.Descriptor.Timestamp}}

+
+
+ Grype Logo +
+
+
+
+
Critical
+
{{ $CountCritical }}
+
+
+
High
+
{{ $CountHigh }}
+
+
+
Medium
+
{{ $CountMedium }}
+
+
+
Low
+
{{ $CountLow }}
+
+
+
Unknown
+
{{ $CountUnknown }}
+
+
+
+ + + + + + + + + + + + + + + {{- range $FilteredMatches }} + + + + + + + + + + + {{end}} + +
NameVersionTypeVulnerabilitySeverityDescriptionStateFixed In
{{.Artifact.Name}}{{.Artifact.Version}}{{.Artifact.Type}} + {{.Vulnerability.ID}} + {{.Vulnerability.Severity}}{{html .Vulnerability.Description}}{{.Vulnerability.Fix.State}} + {{- if .Vulnerability.Fix.Versions }} +
    + {{- range .Vulnerability.Fix.Versions }} +
  • {{ . }}
  • + {{- end }} +
+ {{- else }} + N/A + {{- end }} +
+
+
+ + + + + + + \ No newline at end of file