Merge pull request #1119 from lacework/afiune/GROW-1361

https://lacework.atlassian.net/browse/GROW-1361

Author: afiune

api/entities.go

@@ -35,6 +35,7 @@ const (
 	MachineDetailsEntityType
 	UsersEntityType
 	ImagesEntityType
+	ContainersEntityType
 )
 
 // EntityTypes is the list of available entity types
@@ -43,6 +44,7 @@ var EntityTypes = map[EntityType]string{
 	MachineDetailsEntityType: "MachineDetails",
 	UsersEntityType:          "Users",
 	ImagesEntityType:         "Images",
+	ContainersEntityType:     "Containers",
 }
 
 // Search expects the response and the search filters
@@ -75,6 +77,9 @@ func (svc *EntitiesService) Search(response interface{}, filters SearchFilter) e
 	case *ImagesEntityResponse:
 		apiPath = fmt.Sprintf(apiV2EntitiesSearch, EntityTypes[ImagesEntityType])
 
+	case *ContainersEntityResponse:
+		apiPath = fmt.Sprintf(apiV2EntitiesSearch, EntityTypes[ContainersEntityType])
+
 	default:
 		return errors.New("missing implementation for the provided entity response")
 	}

api/entities_containers.go

@@ -0,0 +1,160 @@
+//
+// Author:: Salim Afiune Maya (<[email protected]>)
+// Copyright:: Copyright 2023, Lacework Inc.
+// License:: Apache License, Version 2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package api
+
+import (
+	"time"
+
+	"github.com/lacework/go-sdk/internal/array"
+)
+
+// ListContainers returns a list of Active Containers from the last 7 days
+func (svc *EntitiesService) ListContainers() (response ContainersEntityResponse, err error) {
+	now := time.Now().UTC()
+	before := now.AddDate(0, 0, -7) // 7 days from ago
+	err = svc.Search(&response,
+		SearchFilter{
+			TimeFilter: &TimeFilter{
+				StartTime: &before,
+				EndTime:   &now,
+			},
+		},
+	)
+	return
+}
+
+// ListContainersWithFilters returns a list of Active Containers based on a user defined filter
+func (svc *EntitiesService) ListContainersWithFilters(filters SearchFilter) (response ContainersEntityResponse, err error) {
+	err = svc.Search(&response, filters)
+	return
+}
+
+// ListAllContainers iterates over all pages to return all active container information at once
+func (svc *EntitiesService) ListAllContainers() (response ContainersEntityResponse, err error) {
+	response, err = svc.ListContainers()
+	if err != nil {
+		return
+	}
+
+	var (
+		all    []ContainerEntity
+		pageOk bool
+	)
+	for {
+		all = append(all, response.Data...)
+
+		pageOk, err = svc.client.NextPage(&response)
+		if err == nil && pageOk {
+			continue
+		}
+		break
+	}
+
+	response.Data = all
+	response.ResetPaging()
+	return
+}
+
+// ListAllContainersWithFilters iterates over all pages to return all active container information at once based on a user defined filter
+func (svc *EntitiesService) ListAllContainersWithFilters(filters SearchFilter) (response ContainersEntityResponse, err error) {
+	response, err = svc.ListContainersWithFilters(filters)
+	if err != nil {
+		return
+	}
+
+	var (
+		all    []ContainerEntity
+		pageOk bool
+	)
+
+	for {
+		all = append(all, response.Data...)
+
+		pageOk, err = svc.client.NextPage(&response)
+		if err == nil && pageOk {
+			continue
+		}
+		break
+	}
+
+	response.Data = all
+	response.ResetPaging()
+	return
+}
+
+type ContainersEntityResponse struct {
+	Data   []ContainerEntity `json:"data"`
+	Paging V2Pagination      `json:"paging"`
+}
+
+// Fulfill Pageable interface (look at api/v2.go)
+func (r ContainersEntityResponse) PageInfo() *V2Pagination {
+	return &r.Paging
+}
+func (r *ContainersEntityResponse) ResetPaging() {
+	r.Paging = V2Pagination{}
+}
+
+// Total returns the total number of active containers
+func (r *ContainersEntityResponse) Total() int {
+	uniqMIDs := []int{}
+	for _, container := range r.Data {
+		if !array.ContainsInt(uniqMIDs, container.Mid) {
+			uniqMIDs = append(uniqMIDs, container.Mid)
+		}
+	}
+	return len(uniqMIDs)
+}
+
+// Count returns the number of active containers with the provided image ID
+func (r *ContainersEntityResponse) Count(imageID string) int {
+	uniqMIDs := []int{}
+	for _, container := range r.Data {
+		if container.ImageID == imageID &&
+			!array.ContainsInt(uniqMIDs, container.Mid) {
+			uniqMIDs = append(uniqMIDs, container.Mid)
+		}
+	}
+	return len(uniqMIDs)
+}
+
+type ContainerEntity struct {
+	ContainerName  string                 `json:"containerName"`
+	ImageID        string                 `json:"imageId"`
+	Mid            int                    `json:"mid"`
+	StartTime      time.Time              `json:"startTime"`
+	EndTime        time.Time              `json:"endTime"`
+	PodName        string                 `json:"podName"`
+	PropsContainer map[string]interface{} `json:"propsContainer"`
+	Tags           map[string]interface{} `json:"tags"`
+}
+
+type ContainerEntityProps struct {
+	Name             string    `json:"NAME"`
+	ContainerType    string    `json:"CONTAINER_TYPE"`
+	ImageAuthor      string    `json:"IMAGE_AUTHOR"`
+	ImageCreatedTime time.Time `json:"IMAGE_CREATED_TIME"`
+	ImageID          string    `json:"IMAGE_ID"`
+	ImageParentID    string    `json:"IMAGE_PARENT_ID"`
+	ImageRepo        string    `json:"IMAGE_REPO"`
+	ImageSize        int64     `json:"IMAGE_SIZE"`
+	ImageTag         string    `json:"IMAGE_TAG"`
+	ImageVersion     string    `json:"IMAGE_VERSION"`
+	Ipv4             string    `json:"IPV4"`
+}

cli/cmd/flags.go

@@ -22,7 +22,6 @@ import (
 	"fmt"
 	"reflect"
 	"strings"
-	"time"
 
 	"github.com/pkg/errors"
 )
@@ -119,28 +118,3 @@ func stringSliceToMarkdownList(filters []string) string {
 	}
 	return fmt.Sprintf("    * %s", strings.Join(filters, "\n    * "))
 }
-
-// parse the start and end time provided by the user
-func parseStartAndEndTime(s, e string) (start time.Time, end time.Time, err error) {
-	if s == "" {
-		err = errors.New("when providing an end time, start time should be provided (--start)")
-		return
-	}
-	start, err = time.Parse(time.RFC3339, s)
-	if err != nil {
-		err = errors.Wrap(err, "unable to parse start time")
-		return
-	}
-
-	if e == "" {
-		end = time.Now()
-		return
-	}
-	end, err = time.Parse(time.RFC3339, e)
-	if err != nil {
-		err = errors.Wrap(err, "unable to parse end time")
-		return
-	}
-
-	return
-}

cli/cmd/vuln_container.go

@@ -33,11 +33,15 @@ func init() {
 
 	// add start flag to list-assessments command
 	vulContainerListAssessmentsCmd.Flags().StringVar(&vulCmdState.Start,
-		"start", "", "start of the time range in UTC (format: yyyy-MM-ddTHH:mm:ssZ)",
+		"start", "-24h", "start of the time range",
 	)
 	// add end flag to list-assessments command
 	vulContainerListAssessmentsCmd.Flags().StringVar(&vulCmdState.End,
-		"end", "", "end of the time range in UTC (format: yyyy-MM-ddTHH:mm:ssZ)",
+		"end", "now", "end of the time range",
+	)
+	// range time flag
+	vulContainerListAssessmentsCmd.Flags().StringVar(&vulCmdState.Range,
+		"range", "", "natural time range for query",
 	)
 	// add repository flag to list-assessments command
 	vulContainerListAssessmentsCmd.Flags().StringSliceVarP(&vulCmdState.Repositories,
@@ -78,6 +82,10 @@ func init() {
 		vulContainerShowAssessmentCmd.Flags(),
 	)
 
+	setActiveFlag(
+		vulContainerListAssessmentsCmd.Flags(),
+	)
+
 	setFixableFlag(
 		vulContainerScanCmd.Flags(),
 		vulContainerShowAssessmentCmd.Flags(),