Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/bethdevopsbunny/tvd
tenable vulnerability diff - a pipeline utility leveraging tenable api to check you haven't introduced new vulnerabilities into your deployment.
https://github.com/bethdevopsbunny/tvd
cicd cybersecurity go tenable
Last synced: 28 days ago
JSON representation
tenable vulnerability diff - a pipeline utility leveraging tenable api to check you haven't introduced new vulnerabilities into your deployment.
- Host: GitHub
- URL: https://github.com/bethdevopsbunny/tvd
- Owner: bethdevopsbunny
- License: mit
- Created: 2022-09-07T07:57:17.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-10-01T17:47:42.000Z (about 2 years ago)
- Last Synced: 2024-08-03T23:29:47.370Z (4 months ago)
- Topics: cicd, cybersecurity, go, tenable
- Language: Go
- Homepage:
- Size: 51.8 KB
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-golang-repositories - tvd - a pipeline utility leveraging tenable api to check you haven't introduced new vulnerabilities into your deployment. (Repositories)
README
# tvd - tenable vulnerability diff
tenable vulnerability diff is a pipeline utility leveraging [tenable api](https://developer.tenable.com/reference/navigate)
to check you haven't introduced new vulnerabilities into your deployment.
## authentication
authentication is handled by storing a tenable api key in an environment variable TENABLE_API_KEY
`export TENABLE_API_KEY='accessKey=accesskey;secretKey=secretkey'`
[how to generate api key](docs/HowToGenerateAPIKey.md)
## arguments
### run
tvd run [flags]
| flags | short hand | type |description | default | mandatory |
|--------------|------------|--------|----------------------------------------------------------------------|---------|-----------|
| --help | ------ | ------ |help for this command | ------ | ------ |
| --scan-name | -s | string |target scan you wish to diff | ------ | yes |
| --critical | -c | bool |if set to false will omit critical results | true | no |
| --high | -h | bool |if set to false will omit high results | true | no |
| --medium | -m | bool |if set to false will omit medium results | true | no |
| --low | -l | bool |if set to false will omit low results | true | no |
| --exit-with-error | -e | bool |returns errorcode 1 if increase to vulnerabilities | false | no |
| --top | -t | int |clamp the number of vulnerabilities
returned in NewVulnerabilities | 30 | no |
| --verbose | -v | int |Displays Logging | 0 | no |
| flags | short hand | type |description | default | mandatory |
| --no-scan | -n | bool |runs the diff without triggering a new scan | false | no |
### ci example
```
version: 2.1
jobs:
launch_tvd:
docker:
- image: cimg/go:1.19.1
steps:
- checkout
- run:
name: "tvd download"
command: |
sudo wget https://github.com/bethdevopsbunny/tvd/releases/download/v0.1/tvd.linux -O /usr/local/bin/tvd
sudo chmod +x /usr/local/bin/tvd
- run:
name: "tvd run"
command: |
tvd run --scan-name << pipeline.scan-name >> --no-scan=true --verbose=1 --exit-with-error=true | jq
workflows:
version: 2
build:
jobs:
- launch_tvd
```