-
Notifications
You must be signed in to change notification settings - Fork 2
/
search.sh
executable file
·56 lines (44 loc) · 2.07 KB
/
search.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/bin/bash
#search for literal vulnerability name (e.g. CVE-2023-3817)
#./search.sh {vulName}
#the results will go to STOUT but can be redirected to a CSV file
#./search.sh {vulName} > output_CVE-2023-3817.csv
vuln="$1"
regex="^$vuln"
#these are the CSV headers
echo "imagename,imagesource,imageversion,vulnName,dataSource,severity,fixIn,packageName,packageVersion,packageType,workloadname,workloadtype,workloadnamespace,workloadcluster"
#look through each *.image file in the folder
for i in *.image; do
[ -f "$i" ] || break
#read each line of each *.image file
while read v; do
vulnmatch=$(echo "$v" | grep -oh ${regex})
if [ "$vulnmatch" != "" ]
then
VUL_DATA=$(echo "$v")
IMAGEDATA="$(cat $i)"
#read each line of the image's image.resource.data
while read p; do
#extract workload name, type, namespace, and clusterid
WORKLOADNAME=$(echo "$p" | awk -v FS='\t' -v OFS='\t' '{print $1;}')
WORKLOADTYPE=$(echo "$p" | awk -v FS='\t' -v OFS='\t' '{print $2;}')
WORKLOADNAMESPACE=$(echo "$p" | awk -v FS='\t' -v OFS='\t' '{print $3;}')
WORKLOADCLUSTERID=$(echo "$p" | awk -v FS='\t' -v OFS='\t' '{print $4;}')
#read each line of the image's image.cluster.data
while read c; do
#extract the cluster id and name
CLUSTERID=$(echo "$c" | awk -v FS='\t' -v OFS='\t' '{print $1;}')
CLUSTERNAME=$(echo "$c" | awk -v FS='\t' -v OFS='\t' '{print $2;}')
#match the cluster id in image.resource.data line with the cluster id in image.cluster.data
#to show the human readable cluster name in the output
if [ $CLUSTERID = $WORKLOADCLUSTERID ]; then
#output the image data and associated vuln, resource, and cluster data
dataline=$(echo "$IMAGEDATA,$VUL_DATA,$WORKLOADNAME,$WORKLOADTYPE,$WORKLOADNAMESPACE,$CLUSTERNAME")
dataline="$(echo "$dataline" | sed 's/\t/,/g')"
echo "$dataline"
fi
done < "$i".cluster.data
done < "$i".resource.data
fi
done < "$i".vuln.data
done