问题描述
我想知道是否能为您提供帮助...我目前正在Gitlab中对我的一张图像实施容器扫描,并希望使用grep搜索任何关键漏洞。
到目前为止,我有以下内容,但问题是,报告中提到CRITICAL,然后发现了漏洞数量,而我希望忽略这一点,并在SEVERITY下查找提到CRITICAL的位置。
我想理想的情况是希望grep在总行下找到CRITICAL> 0,但我不确定如何使用grep执行此操作,因此感谢任何帮助!
代码:
if cat REPORT.txt | grep -e 'CRITICAL'; then
echo 'Critical vulnerability found -- fail build' currentBuild.result = 'FAILURE'
else
echo 'All Good'
fi
报告示例:
Total: 2 (UNKNOWN: 0,LOW: 1,MEDIUM: 1,HIGH: 0,CRITICAL: 0)
+------------------------------+---------------------+----------+--------------------------+--------------------------+--------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------------------------+---------------------+----------+--------------------------+--------------------------+--------------------------------------------------------------+
| apt | CVE-2020-3810 | MEDIUM | 1.4.9 | 1.4.10 | Missing input validation in |
| | | | | | the ar/tar implementations of |
| | | | | | APT before version 2.1.2... |
+ +---------------------+----------+ +--------------------------+--------------------------------------------------------------+
| | CVE-2011-3374 | LOW | | | It was found that apt-key |
| | | | | | in apt,all versions,do not |
| | | | | | correctly... |
+------------------------------+---------------------+ +--------------------------+--------------------------+--------------------------------------------------------------+
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)