From ca6737c8a7b60f32d07c64c43896f6491d4a6756 Mon Sep 17 00:00:00 2001
From: vijeyash <91282703+vijeyash1@users.noreply.github.com>
Date: Mon, 20 Nov 2023 16:11:00 +0530
Subject: [PATCH] Revert "Pvc"
---
 agent/kubviz/kubePreUpgrade.go | 13 ++++++-------
 agent/kubviz/outdated.go | 7 +++++++
 agent/kubviz/trivy.go | 11 +----------
 agent/kubviz/trivy_image.go | 22 ++++++++++------------
 agent/kubviz/trivy_sbom.go | 18 ++++++++----------
 5 files changed, 32 insertions(+), 39 deletions(-)
diff --git a/agent/kubviz/kubePreUpgrade.go b/agent/kubviz/kubePreUpgrade.go
index 11ec310f..ee3a6806 100644
--- a/agent/kubviz/kubePreUpgrade.go
+++ b/agent/kubviz/kubePreUpgrade.go
@@ -79,21 +79,19 @@ func publishK8sDepricated_Deleted_Api(result *model.Result, js nats.JetStreamCon
 }
 func KubePreUpgradeDetector(config *rest.Config, js nats.JetStreamContext) error {
- pvcMountPath := "/mnt/agent/kbz"
- uniqueDir := fmt.Sprintf("%s/kubepug", pvcMountPath)
- err := os.Mkdir(uniqueDir, 0755)
+ swaggerdir, err := os.MkdirTemp("", "kubepug")
 if err != nil {
 return err
 }
-
- filename := fmt.Sprintf("%s/swagger-%s.json", uniqueDir, k8sVersion)
+ filename := fmt.Sprintf("%s/swagger-%s.json", swaggerdir, k8sVersion)
 url := fmt.Sprintf("%s/%s/%s", baseURL, k8sVersion, fileURL)
 err = downloadFile(filename, url)
 if err != nil {
 return err
 }
- defer os.RemoveAll(filename)
- kubernetesAPIs, err := PopulateKubeAPIMap(filename)
+ defer os.RemoveAll(swaggerdir)
+ swaggerfile := filename
+ kubernetesAPIs, err := PopulateKubeAPIMap(swaggerfile)
 if err != nil {
 return err
 }
@@ -104,6 +102,7 @@ func KubePreUpgradeDetector(config *rest.Config, js nats.JetStreamContext) error
 func PopulateKubeAPIMap(swagfile string) (model.KubernetesAPIs, error) {
 var kubeAPIs = make(model.KubernetesAPIs)
+ // log.Infof("Populating the PopulateKubeAPIMap")
 jsonFile, err := os.Open(swagfile)
 if err != nil {
 log.Error(err)
diff --git a/agent/kubviz/outdated.go b/agent/kubviz/outdated.go
index 6e0e7dcd..ce3a77d3 100644
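Review bot: In `KubePreUpgradeDetector` (agent/kubviz/kubePreUpgrade.go) the `defer os.RemoveAll(swaggerdir)` is registered only after `downloadFile` has returned successfully, so a failed download returns early and leaves the directory created by `os.MkdirTemp` behind. Moving the defer directly under the `MkdirTemp` error check makes every return path clean up. The file path would also be better built as `filepath.Join(swaggerdir, fmt.Sprintf("swagger-%s.json", k8sVersion))` than with a literal slash, and `swaggerfile := filename` only adds a second name for the same value. The function body continues past the end of the hunk.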
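Review bot: The only line added in the `PopulateKubeAPIMap` hunk is a commented-out `log.Infof` call, and the agent/kubviz/outdated.go hunk likewise adds a fully commented-out `homeDir` function. Commented-out code is neither compiled nor tested and drifts from the code around it; drop both, or restore them as live code if they are still needed.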
--- a/agent/kubviz/outdated.go
+++ b/agent/kubviz/outdated.go
@@ -447,6 +447,13 @@ func splitOutlierSemvers(allSemverTags []*semver.Version) ([]*semver.Version, []
 return outliers, remaining, nil
 }
+// func homeDir() string {
+// if h := os.Getenv("HOME"); h != "" {
+// return h
+// }
+// return os.Getenv("USERPROFILE")
+// }
+
 type VersionTag struct {
 Sort int `json:"sort"`
 Version string `json:"version"`
diff --git a/agent/kubviz/trivy.go b/agent/kubviz/trivy.go
index 04ee6f81..aaf71bbb 100644
--- a/agent/kubviz/trivy.go
+++ b/agent/kubviz/trivy.go
@@ -3,9 +3,7 @@ package main
 import (
 "bytes"
 "encoding/json"
- "fmt"
 "log"
- "os"
 exec "os/exec"
 "strings"
@@ -31,15 +29,8 @@ func executeCommandTrivy(command string) ([]byte, error) {
 return outc.Bytes(), err
 }
 func RunTrivyK8sClusterScan(js nats.JetStreamContext) error {
- pvcMountPath := "/mnt/agent/kbz"
- trivyCacheDir := fmt.Sprintf("%s/trivy-cache", pvcMountPath)
- err := os.MkdirAll(trivyCacheDir, 0755)
- if err != nil {
- log.Printf("Error creating Trivy cache directory: %v\n", err)
- return err
- }
 var report report.ConsolidatedReport
- cmdString := fmt.Sprintf("trivy k8s --report summary cluster --exclude-nodes kubernetes.io/arch:amd64 --timeout 60m -f json --cache-dir %s --debug", trivyCacheDir)
+ cmdString := "trivy k8s --report summary cluster --exclude-nodes kubernetes.io/arch:amd64 --timeout 60m -f json --cache-dir /tmp/.cache --debug"
 clearCacheCmd := "trivy k8s --clear-cache"
 out, err := executeCommandTrivy(cmdString)
 if err != nil {
diff --git a/agent/kubviz/trivy_image.go b/agent/kubviz/trivy_image.go
index 5486f0ba..bd50e642 100644
--- a/agent/kubviz/trivy_image.go
+++ b/agent/kubviz/trivy_image.go
@@ -2,7 +2,6 @@ package main
 import (
 "encoding/json"
- "fmt"
 "log"
 "os"
 "strings"
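Review bot: The new `cmdString` in `RunTrivyK8sClusterScan` (agent/kubviz/trivy.go) hard-codes `--cache-dir /tmp/.cache`, a fixed name under a directory that is typically world-writable, and the same literal is repeated in the trivy_image.go and trivy_sbom.go hunks. The code no longer creates the directory itself or checks who owns it, so if anything else can write to `/tmp` in the agent's filesystem (the deployment is not shown here) the scanner would trust database and cache content it did not put there. Consider a single package-level `const trivyCacheDir = "/tmp/.cache"` at minimum, or better a directory taken from configuration or `os.MkdirTemp` and created with mode `0700`, as kubePreUpgrade.go now does for its swagger download. `clearCacheCmd` on the next context line carries no `--cache-dir`, so it is worth confirming that it clears this directory rather than Trivy's default one. The function continues outside the hunk.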
@@ -16,15 +15,6 @@ import (
 )
 func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
-
- pvcMountPath := "/mnt/agent/kbz"
- trivyImageCacheDir := fmt.Sprintf("%s/trivy-imagecache", pvcMountPath)
- err := os.MkdirAll(trivyImageCacheDir, 0755)
- if err != nil {
- log.Printf("Error creating Trivy Image cache directory: %v\n", err)
- return err
- }
-
 clearCacheCmd := "trivy image --clear-cache"
 images, err := ListImages(config)
@@ -35,8 +25,7 @@ func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
 for _, image := range images {
 var report types.Report
- scanCmd := fmt.Sprintf("trivy image %s --timeout 60m -f json -q --cache-dir %s", image.PullableImage, trivyImageCacheDir)
- out, err := executeCommand(scanCmd)
+ out, err := executeCommand("trivy image " + image.PullableImage + " --timeout 60m -f json -q --cache-dir /tmp/.cache")
 if err != nil {
 log.Printf("Error scanning image %s: %v", image.PullableImage, err)
 continue // Move on to the next image in case of an error
@@ -85,3 +74,12 @@ func publishImageScanReports(report types.Report, js nats.JetStreamContext) erro
 log.Printf("Trivy image report with ID:%s has been published\n", metrics.ID)
 return nil
 }
+
+func cleanupCache(cacheDir string) {
+ err := os.RemoveAll(cacheDir)
+ if err != nil {
+ log.Printf("Failed to clean up cache directory %s: %v", cacheDir, err)
+ } else {
+ log.Printf("Cache directory %s cleaned up successfully", cacheDir)
+ }
+}
diff --git a/agent/kubviz/trivy_sbom.go b/agent/kubviz/trivy_sbom.go
index 5e58bbb6..8f87ef5b 100644
--- a/agent/kubviz/trivy_sbom.go
+++ b/agent/kubviz/trivy_sbom.go
@@ -5,7 +5,6 @@ import (
 "encoding/json"
 "fmt"
 "log"
- "os"
 "os/exec"
 "github.com/aquasecurity/trivy/pkg/sbom/cyclonedx"
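Review bot: The new `executeCommand("trivy image " + image.PullableImage + " ...")` call in `RunTrivyImageScans` splices an image reference read from cluster objects into one command string, and the `fmt.Sprintf` added in `RunTrivySbomScan` (trivy_sbom.go) does the same. `executeCommand` is not shown here; if it passes the string to a shell or splits it on whitespace, a reference containing spaces or shell metacharacters changes the command that runs, and that value is set by whoever can create workloads in the cluster. Passing the arguments as a slice keeps the reference a single argument, e.g. `exec.Command("trivy", "image", "--timeout", "60m", "-f", "json", "-q", "--cache-dir", "/tmp/.cache", image.PullableImage)`, ideally after rejecting references that do not parse as image names. The loop body continues past the hunk.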
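Review bot: `cleanupCache` is added at the end of trivy_image.go but no hunk in this patch calls it, so it looks like dead code unless a caller exists outside the diff. If it stays, give it a doc comment such as `// cleanupCache removes cacheDir and everything beneath it, logging the result.` and have it refuse an empty or root path before calling `os.RemoveAll`, since it deletes recursively whatever it is handed. Returning the error instead of only logging it would let a caller react to a failed cleanup.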
@@ -48,20 +47,18 @@ func executeCommandSbom(command string) ([]byte, error) {
 func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
 clearCacheCmd := "trivy image --clear-cache"
- pvcMountPath := "/mnt/agent/kbz"
- trivySbomCacheDir := fmt.Sprintf("%s/trivy-sbomcache", pvcMountPath)
- err := os.MkdirAll(trivySbomCacheDir, 0755)
- if err != nil {
- log.Printf("Error creating Trivy cache directory: %v\n", err)
- return err
- }
+
+ log.Println("trivy sbom run started")
 images, err := ListImages(config)
+
 if err != nil {
 log.Printf("failed to list images: %v", err)
 }
 for _, image := range images {
- sbomcmd := fmt.Sprintf("trivy image --format cyclonedx %s --cache-dir %s", image.PullableImage, trivySbomCacheDir)
- out, err := executeCommandSbom(sbomcmd)
+
+ command := fmt.Sprintf("trivy image --format cyclonedx %s %s", image.PullableImage, "--cache-dir /tmp/.cache")
+ out, err := executeCommandSbom(command)
+
 if err != nil {
 log.Printf("Error executing Trivy for image sbom %s: %v", image.PullableImage, err)
 continue // Move on to the next image in case of an error
@@ -72,6 +69,7 @@ func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
 log.Printf("Trivy output is empty for image sbom %s", image.PullableImage)
 continue // Move on to the next image
 }
+
 var report cyclonedx.BOM
 err = json.Unmarshal(out, &report)
 if err != nil {
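Review bot: In `RunTrivySbomScan` the new `fmt.Sprintf("trivy image --format cyclonedx %s %s", image.PullableImage, "--cache-dir /tmp/.cache")` passes a constant as a format argument, which hides the shape of the command being run; `fmt.Sprintf("trivy image --format cyclonedx %s --cache-dir /tmp/.cache", image.PullableImage)` is equivalent and easier to audit. The hunk also inserts blank lines between `images, err := ListImages(config)` and its `if err != nil` check and between `executeCommandSbom(command)` and its check, which separates each call from its error handling; keep them adjacent. On the context lines the `ListImages` error is logged but not returned, so as far as the visible code shows the function carries on into the loop after a failed listing. The function starts in this hunk and continues outside it.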