From 837d4212c23cb6f7cbf5a87f3f6c98c897fdf86a Mon Sep 17 00:00:00 2001 From: Philip Paeps Date: Tue, 13 Feb 2024 13:01:39 +0800 Subject: [PATCH] plugins/cvelib: new plugin for CVE Services API The CVE Services API allows CVE Numbering Authorities (CNAs) to reserve, publish, and manage CVE IDs. This plugin sets the environment variables required to use the reference cvelib implementation of the API. See also: https://www.cve.org/AllResources/CveServices https://github.com/RedHatProductSecurity/cvelib https://vulnogram.github.io/cve5/#cvePortal --- plugins/cvelib/api_key.go | 49 +++++++++++++++++++++++++++++++++++++++ plugins/cvelib/cve.go | 25 ++++++++++++++++++++ plugins/cvelib/plugin.go | 22 ++++++++++++++++++ 3 files changed, 96 insertions(+) create mode 100644 plugins/cvelib/api_key.go create mode 100644 plugins/cvelib/cve.go create mode 100644 plugins/cvelib/plugin.go diff --git a/plugins/cvelib/api_key.go b/plugins/cvelib/api_key.go new file mode 100644 index 00000000..54018e1a --- /dev/null +++ b/plugins/cvelib/api_key.go @@ -0,0 +1,49 @@ +package cvelib + +import ( + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/importer" + "github.com/1Password/shell-plugins/sdk/provision" + "github.com/1Password/shell-plugins/sdk/schema" + "github.com/1Password/shell-plugins/sdk/schema/credname" + "github.com/1Password/shell-plugins/sdk/schema/fieldname" +) + +func APIKey() schema.CredentialType { + return schema.CredentialType{ + Name: credname.APIKey, + DocsURL: sdk.URL("https://github.com/RedHatProductSecurity/cvelib"), + ManagementURL: sdk.URL("https://vulnogram.github.io/cve5/#cvePortal"), + Fields: []schema.CredentialField{ + { + Name: fieldname.User, + MarkdownDescription: "User to authenticate to CVE Services API (CVE user).", + }, + { + Name: fieldname.Organization, + MarkdownDescription: "Organization to authenticate to CVE Services API (CNA short name).", + }, + { + Name: fieldname.APIKey, + MarkdownDescription: "API Key used to authenticate to CVE Services API (CNA API key).", + Secret: true, + Composition: &schema.ValueComposition{ + Length: 36, + Charset: schema.Charset{ + Lowercase: true, + Digits: true, + }, + }, + }, + }, + DefaultProvisioner: provision.EnvVars(defaultEnvVarMapping), + Importer: importer.TryAll( + importer.TryEnvVarPair(defaultEnvVarMapping), + )} +} + +var defaultEnvVarMapping = map[string]sdk.FieldName{ + "CVE_USER": fieldname.User, + "CVE_ORG": fieldname.Organization, + "CVE_API_KEY": fieldname.APIKey, +} diff --git a/plugins/cvelib/cve.go b/plugins/cvelib/cve.go new file mode 100644 index 00000000..dc73e0b5 --- /dev/null +++ b/plugins/cvelib/cve.go @@ -0,0 +1,25 @@ +package cvelib + +import ( + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/needsauth" + "github.com/1Password/shell-plugins/sdk/schema" + "github.com/1Password/shell-plugins/sdk/schema/credname" +) + +func CVEServicesAPICLI() schema.Executable { + return schema.Executable{ + Name: "CVE Services API CLI", + Runs: []string{"cve"}, + DocsURL: sdk.URL("https://github.com/RedHatProductSecurity/cvelib"), + NeedsAuth: needsauth.IfAll( + needsauth.NotForHelpOrVersion(), + needsauth.NotWithoutArgs(), + ), + Uses: []schema.CredentialUsage{ + { + Name: credname.APIKey, + }, + }, + } +} diff --git a/plugins/cvelib/plugin.go b/plugins/cvelib/plugin.go new file mode 100644 index 00000000..9a47a7bc --- /dev/null +++ b/plugins/cvelib/plugin.go @@ -0,0 +1,22 @@ +package cvelib + +import ( + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/schema" +) + +func New() schema.Plugin { + return schema.Plugin{ + Name: "cvelib", + Platform: schema.PlatformInfo{ + Name: "CVE Services", + Homepage: sdk.URL("https://www.cve.org/AllResources/CveServices"), + }, + Credentials: []schema.CredentialType{ + APIKey(), + }, + Executables: []schema.Executable{ + CVEServicesAPICLI(), + }, + } +}