Add vulnerability scanner and WebSocket manager for scan notifications

- Implemented VulnerabilityScanner class to scan images for vulnerabilities using Trivy and NVD API.
- Added methods to parse and store vulnerability data in the database.
- Created WebSocketManager class to handle real-time notifications for scan status updates.
- Integrated WebSocket notifications for scan start, completion, and failure events.
This commit is contained in:
JSC
2025-07-10 22:57:00 +02:00
parent 7f8c47273a
commit 2c64c2c34d
11 changed files with 3042 additions and 14 deletions

@@ -0,0 +1,51 @@
# GitLab Docker Images Tracker - Backend
FastAPI backend for tracking Docker images across GitLab repositories with vulnerability scanning.
## Setup
1. Install dependencies:
```bash
uv sync
```
2. Set environment variables:
```bash
export GITLAB_TOKEN="your_gitlab_token_here"
export GITLAB_URL="https://your-gitlab-instance.com" # Optional, defaults to gitlab.com
export GITLAB_GROUPS="group1,group2,group3" # Optional, comma-separated list of group IDs or paths
```
**Group Filtering**: To limit scanning to specific GitLab groups (recommended for large instances), set the `GITLAB_GROUPS` environment variable with a comma-separated list of group IDs or paths. For example:
- `GITLAB_GROUPS=my-team,docker-projects` (using group paths)
- `GITLAB_GROUPS=123,456,789` (using group IDs)
- Leave empty to scan all projects (not recommended for large instances)
3. Run the application:
```bash
uv run python main.py
```
The API will be available at `http://localhost:5000`
## Features
- Project discovery from GitLab
- Docker image parsing from Dockerfiles, docker-compose files, and CI configs
- Vulnerability scanning with Trivy or API fallback
- Ignore rule management
- REST API for frontend integration
## API Endpoints
- `GET /dashboard` - Dashboard statistics
- `GET /projects` - List projects
- `GET /images` - List Docker images
- `GET /vulnerabilities` - List vulnerabilities
- `GET /ignore-rules` - List ignore rules
- `POST /scan/projects` - Start project discovery scan
- `POST /scan/vulnerabilities` - Start vulnerability scan
## Configuration
The application uses SQLite for data storage. The database file `gitlab_docker_tracker.db` will be created automatically on first run.
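Review bot: The "API Endpoints" list documents `POST /scan/projects` and `POST /scan/vulnerabilities` without saying whether callers must authenticate. Since both trigger scans that use the configured `GITLAB_TOKEN`, the README should state the auth requirement, or state explicitly that the service is meant to be reachable only on `http://localhost:5000` and must not be exposed further. In the "Setup" step for environment variables, please also document the minimum scope `GITLAB_TOKEN` needs (ideally read-only), so operators do not supply a broader token than discovery and file parsing require. Under "Features", "Trivy or API fallback" should name the external API and say what image data is sent to it; the commit message mentions the NVD API, but the README does not.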