From e2c8c8dd1ee98d800902e6b671477e955e30a7fe Mon Sep 17 00:00:00 2001 From: Salim Afiune Maya Date: Tue, 21 Apr 2020 12:53:50 -0600 Subject: [PATCH] feat(cli): 'vul scan run' command can poll for status The command `lacework vul scan run` has now a `--poll` flag that will lock the command and track the progress of the scan until completion. ``` $ lacework vulnerability scan run index.docker.io techallylw/lacework-cli-ubuntu18 latest --poll A new vulnerability scan has been requested. (request_id: 7ac5dac2-7381-432f-8e64-d24105faf44a) CONTAINER IMAGE DETAILS | VULNERABILITIES ------------------------------------------------------------------------------------------+--------------------------------- ID sha256:8691d91057442af854be19c2d75c976e7cfca7c5aca8a6ef4498d9bd4d56a644 | SEVERITY COUNT FIXABLE Digest sha256:9781fc23fc36970652acdfba82432637c059ea9f66bed9c5500a9d9cd6106f37 | -----------+-------+---------- Registry index.docker.io | Critical 0 0 Repository techallylw/lacework-cli-ubuntu18 | High 0 0 Size 32.5 MB | Medium 5 0 Created At 2020-04-21T18:00:00+0000 | Low 18 0 Tags latest | Info 11 0 | ``` Signed-off-by: Salim Afiune Maya --- cli/cmd/vulnerability.go | 70 ++++++++++++++++++++++++++-------------- 1 file changed, 45 insertions(+), 25 deletions(-) diff --git a/cli/cmd/vulnerability.go b/cli/cmd/vulnerability.go index 98a2c97cd..5fc089b80 100644 --- a/cli/cmd/vulnerability.go +++ b/cli/cmd/vulnerability.go @@ -118,8 +118,23 @@ Arguments: "A new vulnerability scan has been requested. (request_id: %s)\n\n", scan.Data.RequestID, ) - fmt.Println("To track the progress of the scan, use the command:") - fmt.Printf("\t$ lacework vulnerability scan show %s\n", scan.Data.RequestID) + + if vulCmdState.Poll { + cli.Log.Infow("tracking scan progress", + "param", "--poll", + "request_id", scan.Data.RequestID, + ) + report, err := pollScanStatus(scan.Data.RequestID, lacework) + if err != nil { + return errors.Wrap(err, "unable to track scan status") + } + + cli.Log.Info("scan completed, displaying report") + fmt.Println(report) + } else { + fmt.Println("To track the progress of the scan, use the command:") + fmt.Printf(" $ lacework vulnerability scan show %s\n", scan.Data.RequestID) + } return nil }, } @@ -139,30 +154,10 @@ Arguments: } if vulCmdState.Poll { - var ( - report string - retry bool - s = spinner.New(spinner.CharSets[9], 100*time.Millisecond) - ) - s.Suffix = " Scan running..." - s.Start() - - for { - report, err, retry = checkScanStatus(args[0], lacework) - if err != nil { - return err - } - - if retry { - time.Sleep(vulCmdState.PollInterval) - continue - } - - break + report, err := pollScanStatus(args[0], lacework) + if err != nil { + return errors.Wrap(err, "unable to poll scan status") } - - s.Stop() - // To make the report easy to read, add an empty carrier return fmt.Println("") fmt.Println(report) @@ -258,6 +253,10 @@ func init() { vulScanCmd.AddCommand(vulScanRunCmd) vulScanCmd.AddCommand(vulScanShowCmd) + vulScanRunCmd.Flags().BoolVar(&vulCmdState.Poll, "poll", false, + fmt.Sprintf("poll until the vulnerability scan completes (%vs intervals)", + vulCmdState.PollInterval.Seconds()), + ) vulScanShowCmd.Flags().BoolVar(&vulCmdState.Poll, "poll", false, fmt.Sprintf("poll until the vulnerability scan completes (%vs intervals)", vulCmdState.PollInterval.Seconds()), @@ -269,6 +268,27 @@ func init() { ) } +func pollScanStatus(requestID string, lacework *api.Client) (string, error) { + s := spinner.New(spinner.CharSets[9], 100*time.Millisecond) + s.Suffix = " Scan running..." + s.Start() + defer s.Stop() + + for { + report, err, retry := checkScanStatus(requestID, lacework) + if err != nil { + return "", err + } + + if retry { + time.Sleep(vulCmdState.PollInterval) + continue + } + + return report, nil + } +} + func checkScanStatus(requestID string, lacework *api.Client) (string, error, bool) { cli.Log.Debugw("verifying status of vulnerability scan", "request_id", requestID) scan, err := lacework.Vulnerabilities.ScanStatus(requestID)