feat: add package purl in vuln report (#2311)

Signed-off-by: Lukas Hoehl <[email protected]> Co-authored-by: Lukas Hoehl <[email protected]>
aquasecurity · Nov 21, 2024 · fadc65c · fadc65c
1 parent 1880d76
commit fadc65c
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 0 deletions.
diff --git a/deploy/helm/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml b/deploy/helm/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml
@@ -234,6 +234,8 @@ spec:
                       items:
                         type: string
                       type: array
+                    packagePURL:
+                      type: string
                     packagePath:
                       type: string
                     packageType:

diff --git a/deploy/helm/crds/aquasecurity.github.io_vulnerabilityreports.yaml b/deploy/helm/crds/aquasecurity.github.io_vulnerabilityreports.yaml
@@ -235,6 +235,8 @@ spec:
                       items:
                         type: string
                       type: array
+                    packagePURL:
+                      type: string
                     packagePath:
                       type: string
                     packageType:

diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -1441,6 +1441,8 @@ spec:
                       items:
                         type: string
                       type: array
+                    packagePURL:
+                      type: string
                     packagePath:
                       type: string
                     packageType:
@@ -2879,6 +2881,8 @@ spec:
                       items:
                         type: string
                       type: array
+                    packagePURL:
+                      type: string
                     packagePath:
                       type: string
                     packageType:

diff --git a/pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go b/pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go
@@ -111,6 +111,7 @@ type Vulnerability struct {
 	Class       string `json:"class,omitempty"`
 	PackageType string `json:"packageType,omitempty"`
 	PkgPath     string `json:"packagePath,omitempty"`
+	PkgPURL     string `json:"packagePURL,omitempty"`
 }
 
 // +kubebuilder:object:root=true

diff --git a/pkg/vulnerabilityreport/io.go b/pkg/vulnerabilityreport/io.go
@@ -162,6 +162,10 @@ func GetVulnerabilitiesFromScanResult(report ty.Result, addFields AdditionalFiel
 			Score:            GetScoreFromCVSS(GetCvssV3(sr.CVSS)),
 		}
 
+		if sr.PkgIdentifier.PURL != nil {
+			vulnerability.PkgPURL = sr.PkgIdentifier.PURL.String()
+		}
+
 		if addFields.Description {
 			vulnerability.Description = sr.Description
 		}