Environment

Aqua CSP

 

Deployment Task

How to automate acknowledging and unacknowledging issues with the REST API.

 

Deployment Steps

There are 3 different types of acknowledgement for issues: for a single image, for all images in a specific repository, and for all images. Each requires a minimum set of fields for the REST API call to work.

 1. Minimum body requirements for “acknowledge an issue” on a single image:

 

POST - acknowledge an issue

/api/v2/risks/acknowledge

 

{
    "issues": [
        {
            "issue_type": "vulnerability",
            "issue_name": "CVE-2017-17458",
            "resource_type": "package",
            "resource_cpe": "pkg:/debian:9:mercurial:4.0-1+deb9u1",
            "resource_name": "deep-extend",
            "resource_version": "0.4.2",
            "resource_path": "/usr/local/nvm/versions/node/node_modules/deep-extend",
            "registry_name": "Docker Hub",
            "image_name": "aqua/aqua:latest"
        }
    ],
    "comment": "THIS IS OK FOR ONE IMAGE"
}

 

 

 

DELETE - unacknowledge an issue (same body, with the comment removed)

/api/v2/risks/acknowledge

 

{
    "issues": [
        {
            "issue_type": "vulnerability",
            "issue_name": "CVE-2017-17458",
            "resource_type": "package",
            "resource_cpe": "pkg:/debian:9:mercurial:4.0-1+deb9u1",
            "resource_name": "deep-extend",
            "resource_version": "0.4.2",
            "resource_path": "/usr/local/nvm/versions/node/node_modules/deep-extend",
            "registry_name": "Docker Hub",
            "image_name": "aqua/aqua:latest"
        }
    ]
}

 

2. Minimum body requirements to acknowledge an issue in all images in a specific repository. For deletion, use the same logic:

 

POST - acknowledge an issue

/api/v2/risks/acknowledge

{
    "issues": [
        {
            "issue_type": "vulnerability",
            "issue_name": "CVE-2017-17458",
            "resource_type": "package",
            "resource_cpe": "pkg:/debian:9:mercurial:4.0-1+deb9u1",
            "resource_name": "deep-extend",
            "resource_version": "0.4.2",
            "resource_path": "",
            "registry_name": "Docker Hub",
            "repository_name": "aqua/aqua"
        }
    ],
    "comment": "THIS IS OK FOR ONE REPO"
}

 

3. Minimum body requirements to acknowledge an issue in all images. For deletion, use the same logic.

 

{
    "issues": [
        {
            "issue_type": "vulnerability",
            "issue_name": "CVE-2017-17458",
            "resource_type": "package",
            "resource_cpe": "pkg:/debian:9:mercurial:4.0-1+deb9u1",
            "resource_name": "deep-extend",
            "resource_version": "0.4.2",
            "resource_path": ""
        }
    ],
    "comment": "THIS IS OK FOR ALL IMAGES"
}

 

In order to obtain some of the required fields, use this REST API call:

 

GET   /api/v2/risks/vulnerabilities?text_search=<Vulnerability_Name>&image_name=<Full_Image_Name>

 

The fields in the response map to the fields of the request body as follows:

"name" = "issue_name"

"resource.type" = "resource_type"

"resource.cpe" = "resource_cpe"

"resource.name" = "resource_name"

"resource.version" = "resource_version"

"resource.path" = "resource_path"

 

 

This will allow you to create an automated task for acknowledging and unacknowledging issues.
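The following is an added example, not Aqua's own code: it turns one entry of the vulnerabilities response into the acknowledge or unacknowledge body for each of the three scopes above, using the field mapping listed. It assumes the entry is a JSON object with a nested "resource" object; build_body, FIELD_MAP and SAMPLE are hypothetical names, and the sample entry is constructed from the values in the example bodies.

```python
# Mapping given on the page: vulnerabilities response field -> acknowledge request field.
FIELD_MAP = {
    "name": "issue_name", "resource.type": "resource_type",
    "resource.cpe": "resource_cpe", "resource.name": "resource_name",
    "resource.version": "resource_version", "resource.path": "resource_path",
}

def _get(entry, dotted):
    """Read 'resource.cpe'-style keys; assumes 'resource' is a nested JSON object."""
    value = entry
    for key in dotted.split("."):
        value = value.get(key, "") if isinstance(value, dict) else ""
    return value

def build_body(entry, scope, registry="", target="", comment=None):
    """scope is 'image', 'repository' or 'all'; comment=None gives the DELETE body."""
    issue = {"issue_type": "vulnerability"}
    issue.update({dst: _get(entry, src) for src, dst in FIELD_MAP.items()})
    # Assumption: every mapped field except the path must be present in the finding.
    missing = [k for k, v in issue.items() if k != "resource_path" and not v]
    if missing:
        raise ValueError(f"finding lacks fields: {missing}")
    if scope != "all" and not (registry and target):
        raise ValueError("image and repository scopes need a registry and a target")
    if scope == "image":
        issue.update(registry_name=registry, image_name=target)
    elif scope == "repository":
        # Path is emptied for the wider scopes, as in the page's example bodies.
        issue.update(resource_path="", registry_name=registry, repository_name=target)
    elif scope == "all":
        issue["resource_path"] = ""
    else:
        raise ValueError(f"unknown scope: {scope}")
    body = {"issues": [issue]}
    if comment is not None:
        if not comment.strip():  # added check: keep a reason with every acknowledgement
            raise ValueError("acknowledgement needs a non-empty comment")
        body["comment"] = comment
    return body

# Constructed sample entry, using the values from the page's example bodies.
SAMPLE = {
    "name": "CVE-2017-17458",
    "resource": {"type": "package", "cpe": "pkg:/debian:9:mercurial:4.0-1+deb9u1",
                 "name": "deep-extend", "version": "0.4.2",
                 "path": "/usr/local/nvm/versions/node/node_modules/deep-extend"},
}
```

Send the returned dictionary as the JSON body of POST or DELETE /api/v2/risks/acknowledge; authentication is not covered on this page.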

 

Related information

https://docs.aquasec.com/v4.2/reference#aqua-api-overview