Add vuls helpers

Signed-off-by: Knut Ahlers <knut@ahlers.me>

bin/vuln-report

@@ -0,0 +1,14 @@
+#!/bin/bash
+set -euxo pipefail
+
+RESULTS_DIR=${RESULTS_DIR:-$(pwd)}
+
+# If the binary is not yet there, do an initialization
+[ -f ${HOME}/.bin/vuls ] || ${HOME}/bin/vuls-refresh
+[ $(( $(date +%s) - $(stat -c %Y ${HOME}/.cache/vuls/oval.sqlite3) )) -gt 86400 ] && ${HOME}/bin/vuls-refresh
+
+# spawn reporter
+exec ${HOME}/.bin/vuls report \
+	--cvedb-path ${HOME}/.cache/vuls/cve.sqlite3 \
+	--ovaldb-path ${HOME}/.cache/vuls/oval.sqlite3 \
+	--results-dir "${RESULTS_DIR}" "$@"

bin/vuls-refresh

@@ -0,0 +1,32 @@
+#!/bin/bash
+set -euxo pipefail
+
+CACHE_DIR="${HOME}/.cache/vuls"
+
+# Fetch VND database
+if [ -f "${CACHE_DIR}/cve.sqlite3" ]; then
+	# Database exists, only update
+	docker run --rm -it \
+		-v "${CACHE_DIR}:/vuls" \
+		vuls/go-cve-dictionary fetchnvd -last2y
+else
+	# Database does not exist, do a full-fetch
+	docker run --rm -it \
+		-v "${CACHE_DIR}:/vuls" \
+		vuls/go-cve-dictionary fetchnvd -years $(seq 2002 $(date +%Y))
+fi
+
+# Fetch OVAL for common systems
+
+docker run --rm -it \
+	-v "${CACHE_DIR}:/vuls" \
+  vuls/goval-dictionary fetch-alpine $(seq 3.3 0.1 3.7)
+
+docker run --rm -it \
+	-v "${CACHE_DIR}:/vuls" \
+  vuls/goval-dictionary fetch-ubuntu $(seq 12 2 18)
+
+# Ensure vuls binary
+
+curl -sSfL https://github.com/future-architect/vuls/releases/download/v0.4.2/vuls_0.4.2_linux_amd64.tar.gz | 
+  tar -C ${HOME}/.bin -xz vuls