private async Task UploadAuditMetadata(string folder, AuditMetadata metadata, CancellationToken cancellation)
{
var metadataPath = $"{folder}/meta";
Logger.Information("Uploading metadata to {MetadataPath}", metadataPath);
try
{
var metadataUrl = new Uri($"{this.config.AzureBlobBaseUrl}/{metadataPath}?{this.config.AzureBlobSasToken}");
var auditMetaBlob = new CloudBlockBlob(metadataUrl);
var stringMetadata = JsonConvert.SerializeObject(metadata);
await auditMetaBlob.UploadTextAsync(
stringMetadata,
Encoding.UTF8,
AccessCondition.GenerateEmptyCondition(),
new BlobRequestOptions
{
RetryPolicy = new ExponentialRetry(TimeSpan.FromSeconds(10), 3),
},
new OperationContext(),
cancellation);
}
catch (Exception ex)
{
Logger.Warning(ex, "Audit metadata upload failed");
}
}
private async Task <AuditMetadata> UploadAuditResult(ImageScanDetails details, string folder, CancellationToken cancellation)
{
var auditPath = $"{folder}/scan-result.json";
Logger.Information("Uploading scan result for {Image} to {AuditPath}", details.Image.FullName, auditPath);
var metadata = new AuditMetadata
{
AuditId = details.Id,
ImageTag = details.Image.FullName,
ScannerVersion = this.config.Version,
TrivyVersion = this.config.TrivyVersion,
Timestamp = ((DateTimeOffset)details.Timestamp).ToUnixTimeSeconds(),
};
if (details.ScanResult == ScanResult.Succeeded)
{
try
{
var resultUrl = new Uri($"{this.config.AzureBlobBaseUrl}/{auditPath}?{this.config.AzureBlobSasToken}");
var resultBlob = new CloudBlockBlob(resultUrl);
await resultBlob.UploadTextAsync(
details.Payload,
Encoding.UTF8,
AccessCondition.GenerateEmptyCondition(),
new BlobRequestOptions
{
RetryPolicy = new ExponentialRetry(TimeSpan.FromSeconds(10), 3),
},
new OperationContext(),
cancellation);
metadata.TrivyAuditPath = auditPath;
metadata.AuditResult = "succeeded";
}
catch (Exception ex)
{
Logger.Warning(ex, "Audit result upload failed");
metadata.AuditResult = "upload-failed";
metadata.FailureDescription = ex.Message;
}
}
else
{
metadata.AuditResult = "audit-failed";
metadata.FailureDescription = details.Payload;
}
return(metadata);
}
private async Task <AuditMetadata> UploadAuditResult(SubscriptionScanDetails details, string folder, CancellationToken cancellation)
{
var metadata = new AuditMetadata
{
AuditId = Guid.NewGuid().ToString(),
ScannerVersion = this.scannerVersion,
Periodicity = this.scannerCfg.Periodicity,
AzSkVersion = this.azskVersion,
Timestamp = ((DateTimeOffset)details.Timestamp).ToUnixTimeSeconds(),
};
if (details.ScanResult == ScanResult.Succeeded)
{
try
{
var tasks = details
.ResultFiles
.Select(rf => this.UploadSingleAuditFile(details, folder, cancellation, rf))
.ToArray();
var taskResults = await Task.WhenAll(tasks);
metadata.AuditResult = "succeeded";
metadata.AzSkAuditPaths = tasks.Select(i => i.Result).ToArray();
}
catch (Exception ex)
{
Logger.Warning(ex, "Audit result upload failed");
metadata.AuditResult = "upload-failed";
metadata.FailureDescription = ex.Message;
}
}
else
{
// TODO: add failure description
metadata.AuditResult = "audit-failed";
}
return(metadata);
}