47 lines
1.6 KiB
Python
47 lines
1.6 KiB
Python
|
|
|
|
from __future__ import annotations
|
|
|
|
from .scanner import scan_running_containers
|
|
from .osv_client import annotate_containers_with_osv
|
|
from .report import print_report
|
|
from .user_config import load_config
|
|
|
|
|
|
def main() -> int:
|
|
cfg = load_config()
|
|
|
|
progress_enabled = bool(cfg.get("progress", {}).get("enabled", True))
|
|
containers = scan_running_containers(progress_enabled=progress_enabled)
|
|
|
|
# Compare against OSV (with severity filtering)
|
|
osv_cfg = cfg.get("osv", {}) or {}
|
|
vulns_cfg = cfg.get("vulns", {}) or {}
|
|
annotate_containers_with_osv(
|
|
containers,
|
|
chunk_size=int(osv_cfg.get("chunk_size", 250)),
|
|
hydrate_details=bool(osv_cfg.get("hydrate_details", True)),
|
|
max_hydrate_ids=int(osv_cfg.get("max_hydrate_ids", 300)),
|
|
min_severity=str(vulns_cfg.get("min_severity", "MEDIUM")),
|
|
include_unknown=bool(vulns_cfg.get("include_unknown", True)),
|
|
progress_enabled=progress_enabled,
|
|
)
|
|
|
|
out_cfg = cfg.get("output", {}) or {}
|
|
print_report(
|
|
containers,
|
|
group_by_service=bool(out_cfg.get("group_by_service", True)),
|
|
sections=out_cfg.get("sections", {}) or {},
|
|
max_deps_per_ecosystem=int(out_cfg.get("max_deps_per_ecosystem", 20)),
|
|
max_dev_deps_per_ecosystem=int(out_cfg.get("max_dev_deps_per_ecosystem", 10)),
|
|
top_affected=int(vulns_cfg.get("top_affected", 8)),
|
|
)
|
|
|
|
print("=" * 88)
|
|
print(f"Всего контейнеров проанализировано: {len(containers)}")
|
|
return 0
|
|
|
|
|
|
if __name__ == "__main__":
|
|
raise SystemExit(main())
|