Christmas Pudding or Yule Log(4j)
Mark Osborne
CISO, Mentor, Security Advisor, Issue Resolver and Foundational advocate for the Cyber-security Industry
Nobody aged thirty or younger will understand the following statement: “One of the best things about Christmas is Christmas TV”. Not just because it is sad!!
Everybody over 40 will get exactly what I mean. Two or three decades ago, you used to buy something made of paper called the “TV Times” and browse through it to find the best thing to watch on TV’s half-dozen or so channels - between eating turkey sandwiches. You’d carefully pick out block-buster movies (James Bond, Great Escape…) and “TV Xmas specials” to watch. And why not, that was before YouTube, and body-shaming - when the Pubs and Shops were mostly shut during the week.
This year – NOTHING. With over a hundred channels, you’d be lucky to find one of the block-buster movies or Xmas Top-of-pops from the 1980s. They are so old, I know the words and lyrics backwards. Shocking!!
But I LOVE WHAT I DO – although I frequently forget that. So instead of picking up a lovely book about exotic locations that would allow me to forget who I am or looking at dogs dressed as Santa on YouTube – I took the opportunity to do some coding to improve my reaction to nasty things like Log4j.
And because the TV was so bad, this diversion progressed from writing some hastily cobbled together “For-loops”, then to seeing if I could optimise it, enhancing it a bit to only get me the very newest entry from each repository and finally I produced a fully reporting browser tool/website in Node.JS to view the output in a pretty print and executive summary format.
Another difference between the 30-somethings and a sprightly 43-year youngster :-) like me – I put comments in my code. Therefore, I am not telling you what it does, you can guess! Treat it as a Christmas quiz
# ======== Part 1: Get repository and newest entry ============
$b = @()
$hashit = @{}
$repositorys = aws ecr describe-repositories --output text
# For every repository - get the newest image
foreach ( $repository in $repositorys ) {
  # Split repository record into fields
  ( $dummy, $time, $repositoryArn, $registryId, $URI, $repositoryName, $createdAt, $imageTagMutability, $imageScanningConfiguration, $ENCTITLE, $ENCALGO, $IMAGESCAN, $TorF ) = $repository.split()
  if ( $dummy.contains("REPOSITORIES") ) {
    $b += $repositoryName
    # only for the main REPOSITORY RECORD, get the newest image details
    $tag = aws ecr describe-images --repository-name $repositoryName --query "sort_by(imageDetails,& imagePushedAt)[-1].imageTags[0]" --output text
    # Build a dictionary of Repository Name and Tag
    $hashit.add( $repositoryName, $tag )
  }
  #
}
#
# ======== Part 2: Dump scan into a file =======
foreach ( $targetRepo in $hashit.keys ) {
  #
  $newestTag = $hashit[$targetRepo]
  # build file name
  $outfile = $targetRepo + "-scan.json"
  # command below gets findings -- modify to "start-image-scan" to rescan all REPOs
  aws ecr describe-image-scan-findings --repository-name $targetRepo --image-id imageTag="$newestTag" > $outfile
  #
  write-host "Scan for latest image $newestTag in $targetRepo written to $outfile"
}
Gotta go Scooby Doo has just come on
I was thinking of publishing the finished article on source-forge or packet-storm !! Oh nobody does that anymore either :-)
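The `<repo>-scan.json` files written by Part 2 can be reduced to a per-image summary. The following is an added example, not the author's Node.js tool: it takes the bytes of one such file, tolerates the UTF-16 encoding that Windows PowerShell's `>` produces, and lists the findings whose name, description or package mentions `log4j`. The function names, the sample data and the placeholder CVE ids are assumptions constructed for illustration.

```javascript
const SEVERITY_ORDER = ["CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL", "UNDEFINED"];
// Windows PowerShell 5.1 writes ">" output as UTF-16LE with a BOM; PowerShell 7 writes UTF-8.
function decodeScanFile(buf) {
  const utf16 = buf.length >= 2 && buf[0] === 0xff && buf[1] === 0xfe;
  return utf16 ? buf.subarray(2).toString("utf16le") : buf.toString("utf8").replace(/^\uFEFF/, "");
}

// Returns scan status, severity counts and the findings that mention `needle`.
function summariseScan(buf, needle = "log4j") {
  let doc;
  try {
    doc = JSON.parse(decodeScanFile(buf));
  } catch {
    // Empty or non-JSON file: the aws call wrote nothing usable (for example, no scan exists).
    return { status: "NO_SCAN_OUTPUT", counts: {}, matches: [] };
  }
  const scan = doc.imageScanFindings || {};
  const attr = (f, key) => ((f.attributes || []).find((a) => a.key === key) || {}).value || "";
  const matches = (scan.findings || [])
    .filter((f) => `${f.name} ${f.description || ""} ${attr(f, "package_name")}`
      .toLowerCase().includes(needle.toLowerCase()))
    .map((f) => ({ id: f.name, severity: f.severity,
      pkg: attr(f, "package_name"), version: attr(f, "package_version") }))
    .sort((a, b) => SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity));
  return {
    repository: doc.repositoryName,
    tag: (doc.imageId || {}).imageTag,
    status: (doc.imageScanStatus || {}).status || "UNKNOWN",
    counts: scan.findingSeverityCounts || {},
    matches,
  };
}

// Constructed sample shaped like `aws ecr describe-image-scan-findings` output.
// Repository, tag, versions and the CVE-0000-* ids are placeholders, not real findings.
const pkg = (name, version) => [{ key: "package_name", value: name }, { key: "package_version", value: version }];
const SAMPLE = JSON.stringify({
  repositoryName: "example-app",
  imageId: { imageTag: "1.4.2" },
  imageScanStatus: { status: "COMPLETE" },
  imageScanFindings: {
    findingSeverityCounts: { CRITICAL: 1, MEDIUM: 1 },
    findings: [
      { name: "CVE-0000-0002", severity: "MEDIUM", attributes: pkg("openssl", "0.0.2") },
      { name: "CVE-0000-0001", severity: "CRITICAL", attributes: pkg("liblog4j2-java", "0.0.1") },
    ],
  },
});
console.log(summariseScan(Buffer.from(SAMPLE, "utf8")));
```

A status of `NO_SCAN_OUTPUT` means the file for that repository was empty or unparsable, so the image has no findings on record rather than zero findings.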
Global Enterprise Consultant | Catalysing Growth and Transformation for Leading Organizations
1 year ago: Mark, thanks for sharing!