|
9 | 9 | require 'shared.php'; |
10 | 10 |
|
11 | 11 | if ($_POST['m'] == 'init') { |
12 | | - $containerList = apiRequest('stats/containers')['result']['result']; |
13 | | - $trivy = new Trivy(); |
14 | | - $dbNotice = ($trivy->getDBSize() == 0 || $trivy->getJavaDBSize() == 0); |
15 | | - $downloadDbCmd = sprintf(TrivyCLI::UPDATE_DB_SHELL, TRIVY_PATH); |
16 | | - $downloadJavaDbCmd = sprintf(TrivyCLI::UPDATE_DB_JAVA_SHELL, TRIVY_PATH); |
| 12 | + $containerList = apiRequest('stats/containers')['result']['result']; |
| 13 | + $security = new Security(); |
17 | 14 | ?> |
18 | 15 | <ol class="breadcrumb rounded p-1 ps-2"> |
19 | 16 | <li class="breadcrumb-item"><a href="#" onclick="initPage('overview')"><?= $_SESSION['activeServerName'] ?></a><span class="ms-2">↦</span></li> |
20 | | - <li class="breadcrumb-item active" aria-current="page">Trivy</li> |
| 17 | + <li class="breadcrumb-item active" aria-current="page">Security</li> |
21 | 18 | </ol> |
22 | 19 | <div class="bg-secondary rounded p-4"> |
23 | 20 | <div class="row"> |
24 | 21 | <div class="col-sm-12"> |
25 | | - <?php if ($dbNotice) { ?> |
26 | | - <div class="col-sm-12"> |
27 | | - <div class="rounded m-2 p-2 bg-gray"> |
28 | | - It seems like this is your first time using Trivy.<br> |
29 | | - To scan container images Trivy uses pre-populated vulnerability databases that need to be downloaded first.<br> |
30 | | - This is usually an automatic process triggered by the scheduled cron task, but if you'd like to manually scan your containers now, you'll need to download the databases first.<br> |
31 | | - Click on the Download icon next to the Dockwatch container.<br> |
32 | | - Note: The DBs are ~2.3GB big, depending on your internet connection this could take a few minutes. |
33 | | - </div> |
34 | | - </div> |
35 | | - <?php } ?> |
36 | 22 | <div class="table-responsive"> |
37 | | - <table class="table table-no-squish" id="trivy-table"> |
| 23 | + <table class="table table-no-squish" id="security-table"> |
38 | 24 | <thead> |
39 | 25 | <tr> |
40 | 26 | <th scope="col" class="rounded-top-left-1 bg-primary ps-3 container-table-header noselect no-sort"></th> |
|
57 | 43 | $containerHash = md5($containerName); |
58 | 44 | $isDockwatch = isDockwatchContainer($container); |
59 | 45 | $iconUrl = getIconByName($imageName, $containerName); |
60 | | - $vulnCounts = $trivy->getVulnCounts($imageName); |
61 | | - $scanCount = $trivy->getScanHistoryCount($imageName); |
| 46 | + $vulnCounts = $security->getVulnCounts($imageName); |
| 47 | + $scanCount = $security->getScanHistoryCount($imageName); |
62 | 48 | $hasHistory = $scanCount > 1; |
63 | 49 | ?> |
64 | | - <tr id="trivy-row-<?= $containerHash ?>" data-hash="<?= $containerHash ?>" data-image="<?= htmlspecialchars($imageName) ?>" data-name="<?= htmlspecialchars($containerName) ?>" data-has-history="<?= $hasHistory ? '1' : '0' ?>"> |
65 | | - <td class="container-table-row bg-secondary"><input type="checkbox" class="form-check-input trivy-check" onchange="toggleTrivyCheckAll()"></td> |
| 50 | + <tr id="security-row-<?= $containerHash ?>" data-hash="<?= $containerHash ?>" data-image="<?= htmlspecialchars($imageName) ?>" data-name="<?= htmlspecialchars($containerName) ?>" data-has-history="<?= $hasHistory ? '1' : '0' ?>"> |
| 51 | + <td class="container-table-row bg-secondary"><input type="checkbox" class="form-check-input security-check" onchange="toggleSecurityCheckAll()"></td> |
66 | 52 | <td class="container-table-row bg-secondary"> |
67 | 53 | <?php if ($iconUrl): ?> |
68 | 54 | <img src="<?= htmlspecialchars($iconUrl) ?>" width="32" height="32" alt="" /> |
69 | 55 | <?php endif; ?> |
70 | 56 | </td> |
71 | 57 | <td class="container-table-row bg-secondary"> |
72 | 58 | <span class="container-name"><?= htmlspecialchars($containerName) ?></span> |
73 | | - <?php if ($isDockwatch): ?> |
74 | | - <i class="fas fa-download trivy-download-db" style="cursor: pointer;" title="Download DB" onclick="containerShell('<?= $containerName ?>', false, 'clear && <?= $downloadDbCmd ?> && <?= $downloadJavaDbCmd ?> && echo Finished downloading DB, exiting in 5s && sleep 5 && exit')"></i> |
75 | | - <?php endif; ?> |
76 | 59 | <br> |
77 | 60 | <span class="text-muted small-text"><?= htmlspecialchars($imageName) ?></span> |
78 | 61 | </td> |
79 | 62 | <td class="container-table-row bg-secondary text-center"> |
80 | 63 | <?php if ($hasHistory): ?> |
81 | | - <i class="fas fa-plus-square text-info trivy-expand" style="cursor: pointer;" onclick="toggleTrivyScans('<?= $containerHash ?>')"></i> |
| 64 | + <i class="fas fa-plus-square text-info security-expand" style="cursor: pointer;" onclick="toggleSecurityScans('<?= $containerHash ?>')"></i> |
82 | 65 | <?php endif; ?> |
83 | 66 | </td> |
84 | 67 | <td class="container-table-row bg-secondary text-center" data-sort="<?= $vulnCounts['critical'] ?>"> |
|
118 | 101 | </td> |
119 | 102 | <td class="container-table-row bg-secondary"> |
120 | 103 | <div class="btn-group btn-group-sm" role="group"> |
121 | | - <button type="button" class="btn btn-outline-light bg-secondary btn-sm" title="View Current Scan" onclick="viewTrivyScan('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>', 'current')"><i class="fas fa-eye fa-xs"></i></button> |
122 | | - <button type="button" class="btn btn-outline-light bg-secondary btn-sm" title="View Scan History" onclick="viewTrivyScanHistory('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>')"><i class="fas fa-history fa-xs"></i></button> |
123 | | - <button type="button" class="btn btn-outline-light bg-secondary btn-sm access-rw" title="Run Scan" onclick="runTrivyScan('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>', '<?= htmlspecialchars($containerName) ?>')"><i class="fas fa-shield-alt fa-xs"></i></button> |
| 104 | + <button type="button" class="btn btn-outline-light bg-secondary btn-sm" title="View Current Scan" onclick="viewSecurityScan('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>', 'current')"><i class="fas fa-eye fa-xs"></i></button> |
| 105 | + <button type="button" class="btn btn-outline-light bg-secondary btn-sm" title="View Scan History" onclick="viewSecurityScanHistory('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>')"><i class="fas fa-history fa-xs"></i></button> |
| 106 | + <button type="button" class="btn btn-outline-light bg-secondary btn-sm access-rw" title="Run Scan" onclick="runSecurityScan('<?= $containerHash ?>', '<?= htmlspecialchars($imageName) ?>', '<?= htmlspecialchars($containerName) ?>')"><i class="fas fa-shield-alt fa-xs"></i></button> |
124 | 107 | </div> |
125 | 108 | </td> |
126 | 109 | </tr> |
127 | 110 | <?php } ?> |
128 | 111 | <tfoot> |
129 | 112 | <tr> |
130 | 113 | <td class="rounded-bottom-right-1 rounded-bottom-left-1 bg-primary ps-3" colspan="10"> |
131 | | - <button id="check-all-trivy-btn" class="dt-button mt-2 buttons-collection access-rw" tabindex="0" aria-controls="trivy-table" type="button"><input type="checkbox" class="form-check-input" onclick="toggleAllTrivy()" id="trivy-toggle-all"></button> |
132 | | - <button id="trivy-scan-btn" class="dt-button mt-2 buttons-collection access-rw" tabindex="0" aria-controls="trivy-table" type="button" onclick="massApplyTrivyScan()">Scan Selected</button> |
| 114 | + <button id="check-all-security-btn" class="dt-button mt-2 buttons-collection access-rw" tabindex="0" aria-controls="security-table" type="button"><input type="checkbox" class="form-check-input" onclick="toggleAllSecurity()" id="security-toggle-all"></button> |
| 115 | + <button id="security-scan-btn" class="dt-button mt-2 buttons-collection access-rw" tabindex="0" aria-controls="security-table" type="button" onclick="massApplySecurityScan()">Scan Selected</button> |
133 | 116 | </td> |
134 | 117 | </tr> |
135 | 118 | </tfoot> |
|
142 | 125 | } |
143 | 126 |
|
144 | 127 | if ($_POST['m'] == 'getVulns') { |
145 | | - $image = $_POST['image'] ?? ''; |
146 | | - $file = $_POST['file'] ?? null; |
147 | | - $trivy = new Trivy(); |
148 | | - $vulns = $trivy->getVulns($image, $file); |
| 128 | + $image = $_POST['image'] ?? ''; |
| 129 | + $file = $_POST['file'] ?? null; |
| 130 | + $security = new Security(); |
| 131 | + $vulns = $security->getVulns($image, $file); |
149 | 132 | echo json_encode($vulns ?? []); |
150 | 133 | } |
151 | 134 |
|
152 | 135 | if ($_POST['m'] == 'getScanHistory') { |
153 | | - $image = $_POST['image'] ?? ''; |
154 | | - $trivy = new Trivy(); |
155 | | - $history = $trivy->getScanHistory($image); |
| 136 | + $image = $_POST['image'] ?? ''; |
| 137 | + $security = new Security(); |
| 138 | + $history = $security->getScanHistory($image); |
156 | 139 | echo json_encode($history); |
157 | 140 | } |
158 | 141 |
|
159 | 142 | if ($_POST['m'] == 'getRecentScans') { |
160 | | - $image = $_POST['image'] ?? ''; |
161 | | - $limit = intval($_POST['limit'] ?? 3); |
162 | | - $trivy = new Trivy(); |
163 | | - $history = $trivy->getScanHistory($image); |
164 | | - $recent = array_slice($history, 1, $limit); |
| 143 | + $image = $_POST['image'] ?? ''; |
| 144 | + $limit = intval($_POST['limit'] ?? 3); |
| 145 | + $security = new Security(); |
| 146 | + $history = $security->getScanHistory($image); |
| 147 | + $recent = array_slice($history, 1, $limit); |
165 | 148 | echo json_encode($recent); |
166 | 149 | } |
167 | 150 |
|
|
171 | 154 |
|
172 | 155 | logger(UI_LOG, 'scanning image ' . $image . ' ->'); |
173 | 156 |
|
174 | | - $trivy = new Trivy(); |
175 | | - $result = $trivy->scanImage($image); |
| 157 | + $security = new Security(); |
| 158 | + $result = $security->scanImage($image, intval($settingsTable['securityScanner']), $settingsTable['securitySnykAPIKey']); |
176 | 159 |
|
177 | 160 | if (!empty($result)) { |
178 | 161 | logger(UI_LOG, $result); |
179 | 162 | } |
180 | 163 |
|
181 | 164 | logger(UI_LOG, 'scanning image ' . $image . ' <-'); |
182 | 165 |
|
183 | | - $vulnCounts = $trivy->getVulnCounts($image); |
| 166 | + $vulnCounts = $security->getVulnCounts($image); |
184 | 167 | echo json_encode([ |
185 | 168 | 'success' => true, |
186 | 169 | 'result' => $result, |
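Review bot: The Snyk API key from `$settingsTable['securitySnykAPIKey']` is now passed into `scanImage()`, and whatever that call returns is both written to the UI log by `logger(UI_LOG, $result)` and sent to the browser in the `'result'` field. `scanImage()` is not visible on this page, so this needs confirming: if its return value can contain the scanner's command line or raw error output, the key would end up in the log and in the response. A comment at the call such as `// scanImage() must never include the API key in its return value or in anything it logs` would record that contract, and the key is better handed to the scanner through its environment than as a command-line argument. `intval($settingsTable['securityScanner'])` also silently turns a missing or non-numeric setting into 0, so an explicit check against the supported scanner ids before the call would be safer. The handler starts above this hunk and the `json_encode` call continues below it.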
|