+ def process_results(self, **kwargs):
+ """Process kube-hunter details"""
+ self.details = json.loads(self.pod_log.splitlines()[-1])
+ if self.details["vulnerabilities"]:
+ self.result = 100
+ msg = prettytable.PrettyTable(
+ header_style='upper', padding_width=5,
+ field_names=['category', 'vulnerability', 'severity'])
+ severity = kwargs.get("severity", "high")
+ if severity == "low":
+ allowed_severity = []
+ elif severity == "medium":
+ allowed_severity = ["low"]
+ elif severity == "high":
+ allowed_severity = ["low", "medium"]
+ else:
+ self.__logger.warning(
+ "Selecting high as default severity (%s is incorrect)",
+ kwargs.get("severity", "high"))
+ severity = "high"
+ allowed_severity = ["low", "medium"]
+ for vulnerability in self.details["vulnerabilities"]:
+ if vulnerability["severity"] in allowed_severity:
+ self.__logger.warning(
+ "Skipping %s (severity is configured as %s)",
+ vulnerability["vulnerability"], severity)
+ else:
+ self.result = 0
+ msg.add_row(
+ [vulnerability["category"], vulnerability["vulnerability"],
+ vulnerability["severity"]])
+ self.__logger.warning("\n\n%s\n", msg.get_string())
+ if self.details["hunter_statistics"]:
+ msg = prettytable.PrettyTable(
+ header_style='upper', padding_width=5,
+ field_names=['name', 'description', 'vulnerabilities'])
+ for statistics in self.details["hunter_statistics"]:
+ msg.add_row(
+ [statistics["name"],
+ textwrap.fill(statistics["description"], width=50),
+ statistics["vulnerabilities"]])
+ self.__logger.info("\n\n%s\n", msg.get_string())
+
+ def run(self, **kwargs):
+ super(KubeHunter, self).run(**kwargs)
+ try:
+ self.process_results(**kwargs)
+ except Exception: # pylint: disable=broad-except
+ self.__logger.exception("Cannot process results")
+ self.result = 0
+