diff --git a/contrib/asff.tpl b/contrib/asff.tpl index 2ba4774b6c..d59a4bd904 100644 --- a/contrib/asff.tpl +++ b/contrib/asff.tpl @@ -3,6 +3,10 @@ {{- $t_first := true -}} {{- range . -}} {{- $target := .Target -}} + {{- $image := .Target -}} + {{- if gt (len $image) 127 -}} + {{- $image = $image | regexFind ".{124}$" | printf "...%v" -}} + {{- end}} {{- range .Vulnerabilities -}} {{- if $t_first -}} {{- $t_first = false -}} @@ -13,7 +17,7 @@ {{- if eq $severity "UNKNOWN" -}} {{- $severity = "INFORMATIONAL" -}} {{- end -}} - {{- $description := .Description -}} + {{- $description := escapeString .Description | printf "%q" -}} {{- if gt (len $description ) 1021 -}} {{- $description = (substr 0 1021 $description) | printf "%v .." -}} {{- end}} @@ -21,7 +25,7 @@ "SchemaVersion": "2018-10-08", "Id": "{{ $target }}/{{ .VulnerabilityID }}", "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity", - "GeneratorId": "Trivy", + "GeneratorId": "Trivy/{{ .VulnerabilityID }}", "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], "CreatedAt": "{{ now | date "2006-01-02T15:04:05.999999999Z07:00" }}", @@ -30,7 +34,7 @@ "Label": "{{ $severity }}" }, "Title": "Trivy found a vulnerability to {{ .VulnerabilityID }} in container {{ $target }}", - "Description": {{ escapeString $description | printf "%q" }}, + "Description": {{ $description }}, "Remediation": { "Recommendation": { "Text": "More information on this vulnerability is provided in the hyperlink", @@ -45,7 +49,7 @@ "Partition": "aws", "Region": "{{ env "AWS_REGION" }}", "Details": { - "Container": { "ImageName": "{{ $target }}" }, + "Container": { "ImageName": "{{ $image }}" }, "Other": { "CVE ID": "{{ .VulnerabilityID }}", "CVE Title": {{ .Title | printf "%q" }}, diff --git a/integration/testdata/alpine-310.asff.golden b/integration/testdata/alpine-310.asff.golden index 684156af22..f99b040eef 100644 --- a/integration/testdata/alpine-310.asff.golden +++ b/integration/testdata/alpine-310.asff.golden @@ -4,7 +4,7 @@ "SchemaVersion": "2018-10-08", "Id": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)/CVE-2019-1549", "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity", - "GeneratorId": "Trivy", + "GeneratorId": "Trivy/CVE-2019-1549", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], "CreatedAt": "2020-08-10T07:28:17.000958601Z", @@ -49,7 +49,7 @@ "SchemaVersion": "2018-10-08", "Id": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)/CVE-2019-1551", "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity", - "GeneratorId": "Trivy", + "GeneratorId": "Trivy/CVE-2019-1551", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], "CreatedAt": "2020-08-10T07:28:17.000958601Z", @@ -94,7 +94,7 @@ "SchemaVersion": "2018-10-08", "Id": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)/CVE-2019-1549", "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity", - "GeneratorId": "Trivy", + "GeneratorId": "Trivy/CVE-2019-1549", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], "CreatedAt": "2020-08-10T07:28:17.000958601Z", @@ -139,7 +139,7 @@ "SchemaVersion": "2018-10-08", "Id": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)/CVE-2019-1551", "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity", - "GeneratorId": "Trivy", + "GeneratorId": "Trivy/CVE-2019-1551", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], "CreatedAt": "2020-08-10T07:28:17.000958601Z",