#!/bin/sh

CONFIG_FILE="$(dirname ${WORKING_DIR})/config.yml"
CVE_FILE="$(dirname ${WORKING_DIR})/$(yq '.report_file' ${CONFIG_FILE})"
VEX_REPORT_FILENAME="scan.openvex.json"
CONSOLIDATED_VEX_REPORT_FILENAME="rancher.openvex.json"
VEX_HUB_REPO="https://github.com/rancher/vexhub"
VEX_HUB_PR_LABEL="vexhub-reports"
VEX_HUB_PR_TITLE="[VEX Hub] Report update"
VEX_HUB_PR_AUTHOR="rancher-security-bot"
VEX_HUB_PR_BRANCH="update-vex-hub-reports"
VEX_HUB_PR_BODY_COMMIT="Update VEX Hub reports"
SEC_VEX_AUTHOR="Rancher Security team"
TARGETS_FILE="${WORKING_DIR}/repos.txt"
REPOS_DENY_LIST="${WORKING_DIR}/repos-deny-list.txt"
TEMPLATE_VEX_REPORT="${WORKING_DIR}/templates/main.openvex.json"
TEMPLATE_VEXHUB_INDEX="${WORKING_DIR}/templates/index.json"
PRIME_REGISTRY="registry.rancher.com"
BIN_VEXCTL="vexctl"
BIN_GOVULNCHECK="govulncheck"
VEX_CSV_HEADER="vulnerability_id,vulnerability_aliases,affected_product,affected_subcomponent,status,status_notes,justification,impact_statement,action_statement"
REPORTS_VEX_DIR="$(dirname ${WORKING_DIR})/reports/vex"
VEX_CVES_AUTOMATED_CSV="${REPORTS_VEX_DIR}/vex_automated_cves.csv"
VEX_CVES_MANUAL_CSV="${REPORTS_VEX_DIR}/vex_manual_cves.csv"
VEX_CVES_CSV="${REPORTS_VEX_DIR}/vex_cves.csv"