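/// <summary>
/// Fetches the vulnerability report for every aggregated image and persists it, once on its own
/// and once per earlier image in the same tag group (keyed by the pair).
/// </summary>
/// <param name="logDir">Directory passed to <c>VulnerabilityStore.Save</c> for every record written.</param>
/// <returns>A task that completes once every tag group has been processed.</returns>
/// <remarks>
/// Tag groups are visited in ascending key order. For each image one line is written to the console
/// with its tag, its digest and the value returned by <c>VulnerabilityStore.Save</c>.
/// NOTE(review): the "New:" label suggests that value reports whether the record was newly
/// created; confirm against <c>VulnerabilityStore</c>.
/// </remarks>
public static async Task ProcessImages(DirectoryInfo logDir)
{
    var imageSet = await Anchore.GetAggregatedImages();

    foreach (var tagKey in imageSet.Keys.OrderBy(s => s))
    {
        var images = imageSet[tagKey];

        for (int i = 0; i < images.Count; i++)
        {
            var image = images[i];

            // Stand-alone record for this image (no comparison partner).
            var vulnerabilities = await Anchore.GetVulnerabilitiesForImage(image);
            var result = VulnerabilityStore.Save(logDir, image, null, vulnerabilities);
            WriteLine($"{image.Tag}; {image.Digest}; New: {result}");

            // Pair every later image in the group with the current one. The loop condition
            // already handles the last element, so no separate bounds check is needed.
            for (int j = i + 1; j < images.Count; j++)
            {
                var image2 = images[j];

                // The pair record must hold image2's own findings. It was previously fetched for
                // `image` again, which stored the first image's list under the pair key.
                // DiffVulnerabilitiesForTwoImages reads that record back as the second image's
                // list, so every comparison would have shown no new and no fixed vulnerabilities.
                var vulnerabilities2 = await Anchore.GetVulnerabilitiesForImage(image2);
                VulnerabilityStore.Save(logDir, image2, image, vulnerabilities2);
            }
        }
    }
}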
/// <summary>
/// Loads the stored vulnerability lists for two images and prints which entries are unique to
/// each image and which are common to both.
/// </summary>
/// <param name="logDir">Directory passed to <c>VulnerabilityStore.LoadVulnerabilitiesForDigest</c>.</param>
/// <param name="imageA">Image reported as "New Image"; its list is loaded with no partner image.</param>
/// <param name="imageB">Image reported as "Old Image"; its list is loaded from the record keyed by (imageB, imageA).</param>
/// <returns>A task that completes after all three sections have been written to the console.</returns>
/// <remarks>
/// The comparison uses LINQ set operations with the default string comparer, so duplicates
/// collapse and entries that differ only in letter case count as different entries.
/// NOTE(review): the strings are presumably vulnerability identifiers; confirm against the store.
/// </remarks>
private static async Task DiffVulnerabilitiesForTwoImages(DirectoryInfo logDir, ImageInfo imageA, ImageInfo imageB)
{
    var findingsA = VulnerabilityStore.LoadVulnerabilitiesForDigest(logDir, imageA, null);
    var findingsB = VulnerabilityStore.LoadVulnerabilitiesForDigest(logDir, imageB, imageA);

    // Materialise all three sets before anything is printed.
    var onlyInA = findingsA.Except(findingsB).ToList();
    var onlyInB = findingsB.Except(findingsA).ToList();
    var inBoth = findingsA.Intersect(findingsB).ToList();

    WriteLine($"New Image: {imageA.TimeStamp}; {imageA.Digest}");
    WriteLine($"Old Image: {imageB.TimeStamp}; {imageB.Digest}");

    await ReportSection("New vulnerabilities:", onlyInA);
    await ReportSection("Fixed vulnerabilities:", onlyInB);
    await ReportSection("Shared vulnerabilities:", inBoth);

    // Prints a heading, then the summary for a non-empty list, then each entry (or "None").
    async Task ReportSection(string heading, List<string> entries)
    {
        WriteLine(heading);

        // The summary lookup is skipped when there is nothing to look up.
        if (entries != null && entries.Count != 0)
        {
            var details = await Anchore.GetVulnerabilitiesForVulns(entries);
            var summaryText = GetSummary(details);
            WriteLine(summaryText);
        }

        if (entries.Count == 0)
        {
            WriteLine("None");
            return;
        }

        entries.ForEach(entry => WriteLine(entry));
    }
}