feat: add k8s scan report (#59)

go.mod

@@ -18,6 +18,7 @@ require (
 	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/BurntSushi/toml v1.4.0 // indirect
+	github.com/CycloneDX/cyclonedx-go v0.9.1 // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver/v3 v3.3.0 // indirect
@@ -32,8 +33,11 @@ require (
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d // indirect
+	github.com/aquasecurity/table v1.8.0 // indirect
+	github.com/aquasecurity/tml v0.6.1 // indirect
 	github.com/aquasecurity/trivy-checks v1.2.2 // indirect
 	github.com/aquasecurity/trivy-db v0.0.0-20240910133327-7e0f4d2ed4c1 // indirect
+	github.com/aquasecurity/trivy-kubernetes v0.6.7-0.20241029051843-2606b7e0f0b4 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aws/aws-sdk-go v1.55.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.63.2 // indirect
@@ -116,6 +120,8 @@ require (
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect
+	github.com/knqyf263/go-deb-version v0.0.0-20230223133812-3ed183d23422 // indirect
+	github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 // indirect
 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
 	github.com/liamg/iamgo v0.0.9 // indirect
@@ -135,6 +141,7 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/moby/buildkit v0.16.0 // indirect
@@ -186,6 +193,7 @@ require (
 	github.com/yashtewari/glob-intersection v0.2.0 // indirect
 	github.com/zclconf/go-cty v1.15.0 // indirect
 	github.com/zclconf/go-cty-yaml v1.0.3 // indirect
+	go.etcd.io/bbolt v1.3.11 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect

render/render.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"text/template"
 
+	k8s "github.com/aquasecurity/trivy/pkg/k8s/report"
 	"github.com/aquasecurity/trivy/pkg/types"
 	"golang.org/x/xerrors"
 )
@@ -14,11 +15,22 @@ import (
 var htmlTmpl []byte
 
 func Render(fileName string, inputData []byte) error {
+	var kubernetes k8s.Report
 	var report types.Report
+
+	if err := json.Unmarshal(inputData, &kubernetes); err != nil {
+		return xerrors.Errorf("error decoding body: %v\n", err)
+	}
+
 	if err := json.Unmarshal(inputData, &report); err != nil {
 		return xerrors.Errorf("error decoding body: %v\n", err)
 	}
 
+	results := report.Results
+	for _, resource := range kubernetes.Resources {
+		results = append(results, resource.Results...)
+	}
+
 	tmpl, err := template.New("temp").Parse(string(htmlTmpl))
 	if err != nil {
 		return xerrors.Errorf("error parsing template: %v\n", err)
@@ -30,7 +42,7 @@ func Render(fileName string, inputData []byte) error {
 	}
 	defer output.Close()
 
-	if err := tmpl.Execute(output, report); err != nil {
+	if err = tmpl.Execute(output, results); err != nil {
 		return xerrors.Errorf("error executing template: %v\n", err)
 	}
 

render/render_test.go

@@ -22,6 +22,11 @@ func TestRender(t *testing.T) {
 			jsonPath:   "testdata/input/happy.json",
 			goldenPath: "testdata/golden/happy.html",
 		},
+		{
+			name:       "happy k8s",
+			jsonPath:   "testdata/input/happy-k8s.json",
+			goldenPath: "testdata/golden/happy-k8s.html",
+		},
 		{
 			name:       "happy empty",
 			jsonPath:   "testdata/input/empty.json",

render/template/html.tpl

@@ -490,8 +490,8 @@
 </head>
 <body>
 <main id="root">
-{{- if .Results }}
-    <h1 id="report-title">Trivy Report - <span class="report-title__target"> {{ ( index .Results 0 ).Target }}</span>
+{{- if . }}
+    <h1 id="report-title">Trivy Report - <span class="report-title__target"> {{ ( index . 0 ).Target }}</span>
     </h1>
     <div class="filter_bar">
         <input type="text" placeholder="Search.."
@@ -500,7 +500,7 @@
     </div>
 
 
-{{- range .Results }}
+{{- range . }}
 {{- if or .Vulnerabilities .Misconfigurations .Secrets}}
     <div class="header">
         <h3 class="header__title ta-center"> {{ .Target}} </h3>