insights

package module

v1.0.1 Latest Latest Go to latest Published: Feb 14, 2023 License: MIT Imports: 14 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/adevinta/security-overview

Links

Open Source Insights

README ¶

Security Overview

Security Overview is a library used to generate detailed reports. It receives as input an scan-id, a team name and then generates an html email containing some summarized information about the scan, which links to a full report dashboard containing detailed information about the scan. This dashboard is automatically uploaded to a S3 bucket.

CLI

The cli provides functionality to test the report generation.

To install ,after cloning the repo, execute

go install ./...

It works by supporting three scenarios:

Generate and optionally upload a report.

At the root of the report execute:
```
vulcan-security-overview -config _config/dev.toml -scan-id scanid -team-name team-name
```
The config param contains at path to a config file, there are examples of this config files at the dir: config
Regenerate a report

For modifying the look and feel or the javascript of the reports is useful to have a way to regenerate a report. The regenerate command takes a json file, generated by the command explained at the previous section, and regenerates the html and all the assets: javascript, css, etc... containing the full report

To regenerate command execute:
```
vulcan-security-overview -regen .localtest/test-report.json -resources _resources/ -presources _public_resources/ --assetsurl https://example.com/assets  -output .localtest/reports
```
Generate a full report from a file with a check report.

This scenario is useful when adjusting the output of a check. This command takes, apart from the config file, a parameter pointing to a file that contains a check report. It generates and uploads to s3 a full report with the findings of that check.

Example of the command:
```
 vulcan-security-overview -config "security-overview.toml" -check check_report.json
```

Documentation ¶

Index ¶

type DetailedReport
- func NewDetailedReport(configFile, teamName, scanID, teamID string) (*DetailedReport, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DetailedReport ¶

type DetailedReport struct {
	URL   string
	Email string
	Risk  int
	// contains filtered or unexported fields
}

DetailedReport represents a detailed report, with an HTML email and a full report

func NewDetailedReport ¶

func NewDetailedReport(configFile, teamName, scanID, teamID string) (*DetailedReport, error)

NewDetailedReport initializes and returns a new DetailedReport

func (*DetailedReport) GenerateLocalFiles ¶

func (d *DetailedReport) GenerateLocalFiles() error

GenerateLocalFiles grabs data for a fiven scan ID from Vulcan Core and saves the HTML enauk and the full report in a local folder

func (*DetailedReport) GenerateLocalFilesFromCheck ¶

func (d *DetailedReport) GenerateLocalFilesFromCheck(path string) error

GenerateLocalFilesFromCheck grabs the check report stored in a file and generates the html report using that unique check report.

func (*DetailedReport) UploadFilesToS3 ¶

func (d *DetailedReport) UploadFilesToS3() error

Source Files ¶

View all Source files

report.go

Directories ¶

Path	Synopsis
cmd
vulcan-security-overview
config
report
resources
utils
vulcan
persistence
results

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL