Fix trivy entrypoint command (#123) (#128)

* Fix trivy entrypoint command to scan image * Bump stable Trivy version to v0.22.0 Co-authored-by: Adam Letizia <[email protected]>
Azure · Feb 3, 2022 · 74375b0 · 74375b0
1 parent 595707a
commit 74375b0
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/lib/trivyHelper.js b/lib/trivyHelper.js
@@ -30,7 +30,7 @@ const utils = __importStar(require("./utils"));
 const allowedlistHandler = __importStar(require("./allowedlistHandler"));
 exports.TRIVY_EXIT_CODE = 5;
 exports.trivyToolName = "trivy";
-const stableTrivyVersion = "0.5.2";
+const stableTrivyVersion = "0.22.0";
 const trivyLatestReleaseUrl = "https://api.github.com/repos/aquasecurity/trivy/releases/latest";
 const KEY_TARGET = "Target";
 const KEY_VULNERABILITIES = "Vulnerabilities";
@@ -53,10 +53,11 @@ const TITLE_TARGET = "TARGET";
 function runTrivy() {
     return __awaiter(this, void 0, void 0, function* () {
         const trivyPath = yield getTrivy();
+        const trivyCommand = "image";
         const imageName = inputHelper.imageName;
         const trivyOptions = yield getTrivyExecOptions();
         console.log(`Scanning for vulnerabilties in image: ${imageName}`);
-        const trivyToolRunner = new toolrunner_1.ToolRunner(trivyPath, [imageName], trivyOptions);
+        const trivyToolRunner = new toolrunner_1.ToolRunner(trivyPath, [trivyCommand, imageName], trivyOptions);
         const timestamp = new Date().toISOString();
         const trivyStatus = yield trivyToolRunner.exec();
         utils.addLogsToDebug(getTrivyLogPath());

diff --git a/src/trivyHelper.ts b/src/trivyHelper.ts
@@ -14,7 +14,7 @@ import * as allowedlistHandler from './allowedlistHandler';
 
 export const TRIVY_EXIT_CODE = 5;
 export const trivyToolName = "trivy";
-const stableTrivyVersion = "0.5.2";
+const stableTrivyVersion = "0.22.0";
 const trivyLatestReleaseUrl = "https://api.github.com/repos/aquasecurity/trivy/releases/latest";
 const KEY_TARGET = "Target";
 const KEY_VULNERABILITIES = "Vulnerabilities";
@@ -41,11 +41,12 @@ export interface TrivyResult {
 
 export async function runTrivy(): Promise<TrivyResult> {
     const trivyPath = await getTrivy();
+    const trivyCommand = "image";
 
     const imageName = inputHelper.imageName;
     const trivyOptions: ExecOptions = await getTrivyExecOptions();
     console.log(`Scanning for vulnerabilties in image: ${imageName}`);
-    const trivyToolRunner = new ToolRunner(trivyPath, [imageName], trivyOptions);
+    const trivyToolRunner = new ToolRunner(trivyPath, [trivyCommand, imageName], trivyOptions);
     const timestamp = new Date().toISOString();
     const trivyStatus = await trivyToolRunner.exec();
     utils.addLogsToDebug(getTrivyLogPath());
@@ -320,4 +321,4 @@ async function getTrivyExecOptions() {
         ignoreReturnCode: true,
         outStream: fs.createWriteStream(getTrivyLogPath())
     };
-}
+}