fix: vulnerability scans of unsupported images

Lacework runs vulnerability scans only against the following list of supported distributions: * https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview Any other container image that is not listed there is unsupported and we will be displaying an error message similar to: ``` $ lacework vul report sha256:04e8df550c7b52cd8ec64143a1c853cd76b234b29ad9e37149ffe04786acd142 Usage: lacework vulnerability report <sha256:hash> [flags] Flags: --details increase details about the vulnerability report --digest tread the provided sha256 hash as image digest (DEPRECATED) (default true) -h, --help help for report --image_id tread the provided sha256 hash as image id Global Flags: -a, --account string account subdomain of URL (i.e. <ACCOUNT>.lacework.net) -k, --api_key string access key id -s, --api_secret string secret access key --debug turn on debug logging --json switch commands output from human-readable to json format --nocolor turn off colors --noninteractive disable interactive progress bars (i.e. 'spinners') -p, --profile string switch between profiles configured at ~/.lacework.toml ERROR unable to get report for the provided container image. (unsupported distribution) For more information about supported distributions, visit: https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview ``` Closes #132 Signed-off-by: Salim Afiune Maya <[email protected]>
lacework · Jun 5, 2020 · 3d33a78 · 3d33a78
1 parent 52951f4
commit 3d33a78
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/cli/cmd/vulnerability.go b/cli/cmd/vulnerability.go
@@ -243,6 +243,14 @@ lookup a report by its image id, provided the flag '--image_id'.
 				}
 
 				cli.OutputHuman(buildVulnerabilityReport(&report.Data))
+			case "Unsupported":
+				return errors.Errorf(
+					`unable to retrieve report for the provided container image. (unsupported distribution)
+
+For more information about supported distributions, visit:
+    https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview
+`,
+				)
 			case "NotFound":
 				msg := fmt.Sprintf(
 					"unable to find any container vulnerability report with %s '%s'",
@@ -362,6 +370,14 @@ func checkScanStatus(requestID string, lacework *api.Client) (*api.VulContainerR
 		return &scan.Data, nil, false
 	case "Scanning":
 		return &scan.Data, nil, true
+	case "Unsupported":
+		return nil, errors.Errorf(
+			`unable to run assessment for the provided container image. (unsupported distribution)
+
+For more information about supported distributions, visit:
+    https://support.lacework.com/hc/en-us/articles/360035472393-Container-Vulnerability-Assessment-Overview
+`,
+		), false
 	case "NotFound":
 		return nil, errors.Errorf(
 			"unable to find any vulnerability scan with request id '%s'",