Merge pull request #8 from akobir-arc/work-with-defaults

conditionally fall back to using tag, title

Author: csepulveda

main.go

@@ -145,8 +145,8 @@ func getConfigAuditReportFindings(body []byte) ([]types.AwsSecurityFinding, erro
 
 		// Truncate description if too long
 		description := check.Description
-		if len(description) > 512 {
-			description = description[:512] + "..."
+		if len(description) > 1024 {
+			description = description[:1021] + "..."
 		}
 
 		findings = append(findings, types.AwsSecurityFinding{
@@ -266,7 +266,13 @@ func getVulnerabilityReportFindings(body []byte) ([]types.AwsSecurityFinding, er
 	Registry := vulnerabilityReport.Report.Registry.Server
 	Repository := vulnerabilityReport.Report.Artifact.Repository
 	Digest := vulnerabilityReport.Report.Artifact.Digest
-	FullImageName := fmt.Sprintf("%s/%s:%s", Registry, Repository, Digest)
+	FullImageName := fmt.Sprintf("%s/%s@%s", Registry, Repository, Digest)
+	Tag := vulnerabilityReport.Report.Artifact.Tag
+	// use tag if digest is empty
+	if Digest == "" {
+		FullImageName = fmt.Sprintf("%s/%s:%s", Registry, Repository, Tag)
+	}
+
 	ImageName := fmt.Sprintf("%s/%s", Registry, Repository)
 
 	// Prepare findings for AWS Security Hub BatchImportFindings API
@@ -279,10 +285,14 @@ func getVulnerabilityReportFindings(body []byte) ([]types.AwsSecurityFinding, er
 			severity = "INFORMATIONAL"
 		}
 
-		// Truncate description if too long
 		description := vulnerabilities.Description
-		if len(description) > 512 {
-			description = description[:512] + "..."
+		// check if description is empty, replace with title
+		if vulnerabilities.Description == "" {
+			description = vulnerabilities.Title
+		}
+		// Truncate description if too long
+		if len(description) > 1024 {
+			description = description[:1021] + "..."
 		}
 
 		findings = append(findings, types.AwsSecurityFinding{

readme.md

@@ -22,6 +22,7 @@ This application processes vulnerability reports from Trivy, a vulnerability sca
 - **AWS Account**: This application uses AWS Security Hub to store and manage security findings, so you must have an active AWS account and the necessary permissions.
 - **Trivy**: You must set up Trivy to scan container images and send reports to the webhook endpoint.
 - **Go**: The application is written in Go, so you'll need Go installed to build and run it.
+- **Security Hub Integration**: You must accept findings from `Aqua Security: Aqua Security` in AWS Security Hub. This allows the application to import findings into Security Hub.
 
 ## Setup and Installation