feat: Add vulnerability detail endpoint (#144)

This commit adds the `get_vulnerability_details` method for the SdScanningClient

Author: tembleking

sdcclient/_scanning.py

@@ -1040,3 +1040,23 @@ def _discover_inputimage(self, input_string):
                     break
 
         return ret_type, input_string, urldigest
+
+    def get_vulnerability_details(self, id):
+        if id is None:
+            return [False, "No vulnerability ID provided"]
+
+        url = self.url + f"/api/scanning/v1/anchore/query/vulnerabilities"
+
+        params = {
+            "id": id,
+        }
+
+        res = requests.get(url, params=params, headers=self.hdrs, verify=self.ssl_verify)
+        if not self._checkResponse(res):
+            return [False, self.lasterr]
+
+        json_res = res.json()
+        if "vulnerabilities" not in json_res or not json_res["vulnerabilities"]:
+            return [False, f"Vulnerability {id} was not found"]
+
+        return [True, json_res["vulnerabilities"][0]]

specs/secure/scanning_vulnerability_spec.py

@@ -0,0 +1,38 @@
+import os
+
+from expects import *
+from expects import equal
+from mamba import *
+
+from sdcclient import SdScanningClient
+from specs import be_successful_api_call
+
+with description("Scanning vulnerability details") as self:
+    with before.each:
+        self.client = SdScanningClient(sdc_url=os.getenv("SDC_SECURE_URL", "https://secure.sysdig.com"),
+                                       token=os.getenv("SDC_SECURE_TOKEN"))
+
+    with context("when retrieving a simple vulnerability"):
+        with it("retrieves the vulnerability details correctly if exists"):
+            vuln_id = "VULNDB-140292"
+            ok, res = self.client.get_vulnerability_details(id=vuln_id)
+
+            expect((ok, res)).to(be_successful_api_call)
+            expect(res).to(
+                have_keys("description", "severity", "vendor_data", "nvd_data", "references",
+                          "affected_packages", id=equal(vuln_id))
+            )
+
+        with it("fails if it does not exist"):
+            non_existing_vuln_id = "VULNDB-NOEXISTS"
+            ok, res = self.client.get_vulnerability_details(id=non_existing_vuln_id)
+
+            expect((ok, res)).to_not(be_successful_api_call)
+            expect(res).to(equal(f"Vulnerability {non_existing_vuln_id} was not found"))
+
+        with it("fails if no id was provided"):
+            non_existing_vuln_id = None
+            ok, res = self.client.get_vulnerability_details(id=non_existing_vuln_id)
+
+            expect((ok, res)).to_not(be_successful_api_call)
+            expect(res).to(equal(f"No vulnerability ID provided"))