Add paths to twistlock packages
This Python code works to augment Twistlock findings with a package path if it is found in the "applications" or "packages" section of the JSON results structure. Note: not all packages in Twistlock provide a path (e.g. RPMs will still have packagePath: None).
TODO:
- Figure out how to update existing Twistlock findings in VAT with this change - VAT will consider these "new" findings if the package path changes from null to a real path
  - A VAT update will be required to gracefully accept this new data without invalidating old findings
- Review twistcli structure and see if this works there too.
Until the pipeline is updated, the following Python script may be used locally with a twistlock_cve.json file downloaded from the twistlock-scan stage of the Iron Bank pipeline:
Use newer script linked later in this issue.
Edited by David Freeman
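
The augmentation described in this issue, sketched as an added example; it is not the script the issue refers to and not Iron Bank pipeline code. The sample document is constructed, and every field name other than "applications", "packages" and packagePath is an assumption about the results layout.

```python
import json

# Constructed sample. Field names other than "applications", "packages" and
# packagePath are assumptions, not the real twistlock_cve.json schema.
SAMPLE = json.loads("""
{
  "vulnerabilities": [
    {"cve": "CVE-0000-0001", "packageName": "example-lib", "packageVersion": "1.2.3"},
    {"cve": "CVE-0000-0002", "packageName": "example-app", "packageVersion": "4.5"},
    {"cve": "CVE-0000-0003", "packageName": "example-rpm", "packageVersion": "2.0-1.el8"}
  ],
  "packages": [
    {"pkgsType": "jar", "pkgs": [
      {"name": "example-lib", "version": "1.2.3", "path": "/opt/app/lib/example-lib-1.2.3.jar"}]},
    {"pkgsType": "package", "pkgs": [{"name": "example-rpm", "version": "2.0-1.el8"}]}
  ],
  "applications": [
    {"name": "example-app", "version": "4.5", "path": "/usr/local/bin/example-app"}
  ]
}
""")


def build_path_index(results):
    """Map (name, version) -> path for every entry that carries a path."""
    entries = list(results.get("applications") or [])
    for group in results.get("packages") or []:
        entries.extend(group.get("pkgs") or [])
    index = {}
    for entry in entries:
        if entry.get("path"):
            # First path wins if the same name and version appear twice.
            index.setdefault((entry["name"], entry["version"]), entry["path"])
    return index


def add_package_paths(results):
    """Return findings with packagePath set, or None when no path is known."""
    index = build_path_index(results)
    return [{**v, "packagePath": index.get((v["packageName"], v["packageVersion"]))}
            for v in results.get("vulnerabilities") or []]


def changed_identity(findings):
    """CVEs whose path went from null to a real path (the VAT concern in the TODO)."""
    return [f["cve"] for f in findings if f["packagePath"] is not None]
```

Findings returned by `changed_identity` are the ones the TODO expects VAT to treat as "new"; the RPM-style entry keeps packagePath as None and is unaffected.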