package main
import (
"context"
"flag"
"log"
"os"
"time"
githubql "github.com/shurcooL/githubv4"
"golang.org/x/oauth2"
"golang.org/x/xerrors"
"github.com/aquasecurity/vuln-list-update/alma"
"github.com/aquasecurity/vuln-list-update/alpine"
alpineunfixed "github.com/aquasecurity/vuln-list-update/alpine-unfixed"
"github.com/aquasecurity/vuln-list-update/amazon"
arch_linux "github.com/aquasecurity/vuln-list-update/arch"
"github.com/aquasecurity/vuln-list-update/chainguard"
"github.com/aquasecurity/vuln-list-update/cwe"
"github.com/aquasecurity/vuln-list-update/debian/tracker"
"github.com/aquasecurity/vuln-list-update/ghsa"
"github.com/aquasecurity/vuln-list-update/glad"
"github.com/aquasecurity/vuln-list-update/k8s"
"github.com/aquasecurity/vuln-list-update/kevc"
"github.com/aquasecurity/vuln-list-update/mariner"
"github.com/aquasecurity/vuln-list-update/nvd"
oracleoval "github.com/aquasecurity/vuln-list-update/oracle/oval"
"github.com/aquasecurity/vuln-list-update/osv"
"github.com/aquasecurity/vuln-list-update/photon"
redhatoval "github.com/aquasecurity/vuln-list-update/redhat/oval"
"github.com/aquasecurity/vuln-list-update/redhat/securitydataapi"
"github.com/aquasecurity/vuln-list-update/rocky"
susecvrf "github.com/aquasecurity/vuln-list-update/suse/cvrf"
"github.com/aquasecurity/vuln-list-update/ubuntu"
"github.com/aquasecurity/vuln-list-update/utils"
"github.com/aquasecurity/vuln-list-update/wolfi"
)
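// Command-line flags. They are registered at package initialisation and read
// by run after flag.Parse has been called.
var (
	// target selects the advisory source that run updates. The help text
	// lists every value run's switch accepts, including "alma" and "rocky",
	// which run handles but the earlier help text left out.
	target = flag.String("target", "", "update target (nvd, alpine, alpine-unfixed, redhat, redhat-oval, "+
		"debian, ubuntu, amazon, oracle-oval, suse-cvrf, photon, arch-linux, ghsa, glad, cwe, osv, mariner, kevc, wolfi, chainguard, k8s, alma, rocky)")

	// vulnListDir, when non-empty, is handed to utils.SetVulnListDir by run.
	vulnListDir = flag.String("vuln-list-dir", "", "vuln-list dir")

	// targetUri and targetBranch are passed to glad.NewUpdater by run and are
	// ignored for every other target. They choose the repository the advisory
	// data is taken from, so they should only ever be set by a trusted
	// operator, never derived from untrusted input.
	targetUri    = flag.String("target-uri", "", "alternative repository URI (only glad)")
	targetBranch = flag.String("target-branch", "", "alternative repository branch (only glad)")
)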
// main runs the updater and terminates the process through log.Fatal when
// run reports an error.
func main() {
	err := run()
	if err == nil {
		return
	}
	log.Fatal(err)
}
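// run parses the command-line flags and updates the single advisory source
// named by -target.
//
// It returns nil when the selected updater succeeds, the updater's error
// wrapped with the source name when it fails, and an error naming the
// rejected value when -target is empty or not one of the supported targets.
// The "ghsa" target additionally requires the GITHUB_TOKEN environment
// variable to be set.
func run() error {
	flag.Parse()
	now := time.Now().UTC()

	// Only override the output directory when the operator asked for one.
	if *vulnListDir != "" {
		utils.SetVulnListDir(*vulnListDir)
	}

	switch *target {
	case "nvd":
		if err := nvd.Update(now.Year()); err != nil {
			return xerrors.Errorf("NVD update error: %w", err)
		}
	case "redhat":
		if err := securitydataapi.Update(); err != nil {
			return xerrors.Errorf("Red Hat Security Data API update error: %w", err)
		}
	case "redhat-oval":
		rc := redhatoval.NewConfig()
		if err := rc.Update(); err != nil {
			return xerrors.Errorf("Red Hat OVALv2 update error: %w", err)
		}
	case "debian":
		dc := tracker.NewClient()
		if err := dc.Update(); err != nil {
			return xerrors.Errorf("Debian update error: %w", err)
		}
	case "ubuntu":
		if err := ubuntu.Update(); err != nil {
			return xerrors.Errorf("Ubuntu update error: %w", err)
		}
	case "alpine":
		au := alpine.NewUpdater()
		if err := au.Update(); err != nil {
			return xerrors.Errorf("Alpine update error: %w", err)
		}
	case "alpine-unfixed":
		au := alpineunfixed.NewUpdater()
		if err := au.Update(); err != nil {
			return xerrors.Errorf("Alpine Secfixes Tracker update error: %w", err)
		}
	case "amazon":
		ac := amazon.NewConfig()
		if err := ac.Update(); err != nil {
			return xerrors.Errorf("Amazon Linux update error: %w", err)
		}
	case "oracle-oval":
		oc := oracleoval.NewConfig()
		if err := oc.Update(); err != nil {
			return xerrors.Errorf("Oracle OVAL update error: %w", err)
		}
	case "suse-cvrf":
		sc := susecvrf.NewConfig()
		if err := sc.Update(); err != nil {
			return xerrors.Errorf("SUSE CVRF update error: %w", err)
		}
	case "photon":
		pc := photon.NewConfig()
		if err := pc.Update(); err != nil {
			return xerrors.Errorf("Photon update error: %w", err)
		}
	case "ghsa":
		// The token is a secret read from the environment: it must never be
		// logged or placed in an error message. Fail early when it is
		// missing instead of sending requests with an empty bearer token,
		// which would otherwise surface later as a less obvious error from
		// the updater.
		token := os.Getenv("GITHUB_TOKEN")
		if token == "" {
			return xerrors.New("GitHub Security Advisory update error: GITHUB_TOKEN is not set")
		}
		src := oauth2.StaticTokenSource(
			&oauth2.Token{AccessToken: token},
		)
		// NOTE(review): context.Background carries no deadline or
		// cancellation; confirm the ghsa package bounds its own requests.
		httpClient := oauth2.NewClient(context.Background(), src)
		gc := ghsa.NewConfig(githubql.NewClient(httpClient))
		if err := gc.Update(); err != nil {
			return xerrors.Errorf("GitHub Security Advisory update error: %w", err)
		}
	case "glad":
		// -target-uri and -target-branch are forwarded unchanged; they decide
		// which repository the advisory data comes from, so they are part of
		// the trust boundary of the resulting vulnerability list.
		gu := glad.NewUpdater(*targetUri, *targetBranch)
		if err := gu.Update(); err != nil {
			return xerrors.Errorf("GitLab Advisory Database update error: %w", err)
		}
	case "cwe":
		c := cwe.NewCWEConfig()
		if err := c.Update(); err != nil {
			return xerrors.Errorf("CWE update error: %w", err)
		}
	case "arch-linux":
		al := arch_linux.NewArchLinux()
		if err := al.Update(); err != nil {
			return xerrors.Errorf("Arch Linux update error: %w", err)
		}
	case "alma":
		ac := alma.NewConfig()
		if err := ac.Update(); err != nil {
			return xerrors.Errorf("AlmaLinux update error: %w", err)
		}
	case "rocky":
		rc := rocky.NewConfig()
		if err := rc.Update(); err != nil {
			return xerrors.Errorf("Rocky Linux update error: %w", err)
		}
	case "osv":
		p := osv.NewOsv()
		if err := p.Update(); err != nil {
			return xerrors.Errorf("OSV update error: %w", err)
		}
	case "mariner":
		src := mariner.NewConfig()
		if err := src.Update(); err != nil {
			return xerrors.Errorf("CBL-Mariner Vulnerability Data update error: %w", err)
		}
	case "kevc":
		src := kevc.NewConfig()
		if err := src.Update(); err != nil {
			return xerrors.Errorf("Known Exploited Vulnerability Catalog update error: %w", err)
		}
	case "wolfi":
		wu := wolfi.NewUpdater()
		if err := wu.Update(); err != nil {
			return xerrors.Errorf("Wolfi update error: %w", err)
		}
	case "chainguard":
		cu := chainguard.NewUpdater()
		if err := cu.Update(); err != nil {
			return xerrors.Errorf("Chainguard update error: %w", err)
		}
	case "k8s":
		ku := k8s.NewUpdater()
		if err := ku.Update(); err != nil {
			return xerrors.Errorf("k8s update error: %w", err)
		}
	default:
		// Name the rejected value (quoted, so an empty or odd string is
		// visible) to make a mistyped or missing -target easy to diagnose.
		return xerrors.Errorf("unknown target: %q", *target)
	}

	return nil
}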