Merge pull request #1 from willyw0nka/add-dataclasses

Multiple improvements

.github/workflows/python-package.yml

@@ -29,9 +29,17 @@ jobs:
         python -m pip install --upgrade pip
         python -m pip install flake8 pytest
         if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+        python -m pip install -e .
+    - name: Install grype
+      run: |
+        curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
+        grype version
     - name: Lint with flake8
       run: |
         # stop the build if there are Python syntax errors or undefined names
         flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
         # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
         flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+    - name: Test with pytest
+      run: |
+        pytest

README.md

@@ -15,7 +15,7 @@ Supported commands
     - [x] delete
     - [ ] diff
     - [ ] import
-    - [ ] list
+    - [x] list
     - [ ] status
     - [x] update
 - [ ] ~~help~~
@@ -35,31 +35,41 @@ pip install pygrype
 ## Usage
 Instantiate `Grype` using the default path
 ```python3
-from pygrype.grype import Grype
+from pygrype import Grype
 grype = Grype()
 ```
 or specify the binary
 ```python3
-from pygrype.grype import Grype
+from pygrype import Grype
 grype = Grype(path='/opt/grype')
 ```
 
 ## Full example
 ```python3
-from pygrype.grype import Grype
+from pygrype import Grype
 
-image = 'alpine:3.12'
-grype = Grype('/opt/grype')
+grype = Grype()
+
+version_info = grype.version()
 
-version = grype.version()
-print('Using Grype version {version}'.format(version=version['version']))
+print(f'Using grype {version_info.version}')
 
-print('Updating DB...')
-grype.db.update()
+images = [
+    'alpine:3.12',
+    'ubuntu:18.04',
+    'debian:9'
+]
 
-scan = grype.scan(image)
-print('Image {image} has {matches} vlunerabilities'.format(
-    image=image,
-    matches=len(scan['matches'])))
+for image in images:
+    scan = grype.scan(image)
+    criticals = len(list(filter(lambda x: x.vulnerability.severity.lower() == 'critical', scan.matches)))
+    print(f'{image} has {len(scan.matches)} vulnerabilities ({criticals} critical)')
+```
+Example output
+```
+Using grype 0.62.3
+alpine:3.12 has 23 vulnerabilities (3 critical)
+ubuntu:18.04 has 18 vulnerabilities (0 critical)
+debian:9 has 213 vulnerabilities (23 critical)
 ```
 

pygrype/__init__.py

@@ -0,0 +1 @@
+from .grype import Grype

pygrype/core/grype_version.py

@@ -0,0 +1,15 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class GrypeVersion:
+    version: str
+    syft_version: str
+    git_commit: str
+    git_description: str
+    build_date: str
+    go_version: str
+    compiler: str
+    platform: str
+    application: str
+    supported_db_schema: int

pygrype/core/list/db_meta_data.py

@@ -0,0 +1,9 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class DBMetaData:
+    built: str
+    version: int
+    url: str
+    checksum: str

pygrype/core/scan/artifact.py

@@ -0,0 +1,19 @@
+from dataclasses import dataclass
+from typing import List
+
+from pygrype.core.scan.location import Location
+from pygrype.core.scan.upstream import Upstream
+
+
+@dataclass
+class Artifact:
+    id: str
+    name: str
+    version: str
+    type: str
+    locations: List[Location]
+    language: str
+    licenses: List[str]
+    cpes: List[str]
+    purl: str
+    upstreams: List[Upstream]

pygrype/core/scan/cvss.py

@@ -0,0 +1,13 @@
+from dataclasses import dataclass
+from typing import Optional
+
+from pygrype.core.scan.cvss_metrics import CVSSMetrics
+
+
+@dataclass
+class CVSS:
+    source: Optional[str]
+    type: Optional[str]
+    version: str
+    vector: str
+    metrics: CVSSMetrics

pygrype/core/scan/cvss_metrics.py

@@ -0,0 +1,8 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class CVSSMetrics:
+    baseScore: float
+    exploitabilityScore: float
+    impactScore: float

pygrype/core/scan/distro.py

@@ -0,0 +1,9 @@
+from dataclasses import dataclass
+from typing import List
+
+
+@dataclass
+class Distro:
+    name: str
+    version: str
+    idLike: List

pygrype/core/scan/layer.py

@@ -0,0 +1,8 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Layer:
+    mediaType: str
+    digest: str
+    size: int

pygrype/core/scan/location.py

@@ -0,0 +1,7 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Location:
+    path: str
+    layerID: str

pygrype/core/scan/match.py

@@ -0,0 +1,14 @@
+from dataclasses import dataclass
+from typing import List
+
+from pygrype.core.scan.artifact import Artifact
+from pygrype.core.scan.match_details import MatchDetails
+from pygrype.core.scan.vulnerability import Vulnerability
+
+
+@dataclass
+class Match:
+    vulnerability: Vulnerability
+    relatedVulnerabilities: List[Vulnerability]
+    matchDetails: List[MatchDetails]
+    artifact: Artifact

pygrype/core/scan/match_details.py

@@ -0,0 +1,12 @@
+from dataclasses import dataclass
+
+from pygrype.core.scan.match_details_found import MatchDetailsFound
+from pygrype.core.scan.match_details_searched_by import MatchDetailsSearchedBy
+
+
+@dataclass
+class MatchDetails:
+    type: str
+    matcher: str
+    searchedBy: MatchDetailsSearchedBy
+    found: MatchDetailsFound

pygrype/core/scan/match_details_found.py

@@ -0,0 +1,9 @@
+from dataclasses import dataclass
+from typing import List, Optional
+
+
+@dataclass
+class MatchDetailsFound:
+    vulnerabilityID: str
+    versionConstraint: str
+    cpes: Optional[List[str]]

pygrype/core/scan/match_details_searched_by.py

@@ -0,0 +1,13 @@
+from dataclasses import dataclass
+from typing import List, Optional
+
+from pygrype.core.scan.package import Package
+from pygrype.core.scan.searched_by_distro import Distro
+
+
+@dataclass
+class MatchDetailsSearchedBy:
+    namespace: str
+    cpes: Optional[List[str]]
+    Package: Optional[Package]
+    distro: Optional[Distro]

pygrype/core/scan/package.py

@@ -0,0 +1,7 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Package:
+    name: str
+    version: str

pygrype/core/scan/scan.py

@@ -0,0 +1,14 @@
+from dataclasses import dataclass
+from typing import List
+
+from pygrype.core.scan.distro import Distro
+from pygrype.core.scan.match import Match
+from pygrype.core.scan.scan_source import ScanSource
+
+
+@dataclass
+class Scan:
+    matches: List[Match]
+    source: ScanSource
+    distro: Distro
+    # descriptor: GrypeScanDescriptor

pygrype/core/scan/scan_source.py

@@ -0,0 +1,9 @@
+from dataclasses import dataclass
+
+from pygrype.core.scan.target import Target
+
+
+@dataclass
+class ScanSource:
+    type: str
+    target: Target

pygrype/core/scan/searched_by_distro.py

@@ -0,0 +1,7 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Distro:
+    type: str
+    version: str

pygrype/core/scan/target.py

@@ -0,0 +1,20 @@
+from dataclasses import dataclass
+from typing import List
+
+from pygrype.core.scan.layer import Layer
+
+
+@dataclass
+class Target:
+    userInput: str
+    imageID: str
+    manifestDigest: str
+    mediaType: str
+    tags: List[str]
+    imageSize: int
+    layers: List[Layer]
+    manifest: str
+    config: str
+    repoDigests: List[str]
+    architecture: str
+    os: str

pygrype/core/scan/upstream.py

@@ -0,0 +1,6 @@
+from dataclasses import dataclass
+
+
+@dataclass
+class Upstream:
+    name: str

pygrype/core/scan/vulnerability.py

@@ -0,0 +1,17 @@
+from dataclasses import dataclass
+from typing import List, Optional
+
+from pygrype.core.scan.cvss import CVSS
+from pygrype.core.scan.vulnerability_fix import VulnerabilityFix
+
+
+@dataclass
+class Vulnerability:
+    id: str
+    description: Optional[str]
+    dataSource: str
+    namespace: str
+    severity: Optional[str]
+    urls: List[str]
+    cvss: List[CVSS]
+    fix: Optional[VulnerabilityFix]

pygrype/core/scan/vulnerability_fix.py

@@ -0,0 +1,8 @@
+from dataclasses import dataclass
+from typing import List
+
+
+@dataclass
+class VulnerabilityFix:
+    versions: List[str]
+    state: str