Skip to content

Commit

Permalink
added cache clearing command for trivy image, trivy sbom, and trivy k8s
Browse files Browse the repository at this point in the history
  • Loading branch information
vijeyash1 committed Nov 14, 2023
1 parent b2d2c21 commit e564391
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 13 deletions.
16 changes: 7 additions & 9 deletions agent/kubviz/trivy.go
Original file line number Diff line number Diff line change
Expand Up @@ -31,18 +31,12 @@ func executeCommandTrivy(command string) ([]byte, error) {
func RunTrivyK8sClusterScan(js nats.JetStreamContext) error {
var report report.ConsolidatedReport
cmdString := "trivy k8s --report summary cluster --exclude-nodes kubernetes.io/arch:amd64 --timeout 60m -f json --cache-dir /tmp/.cache --debug"

// Log the command before execution
log.Printf("Executing command: %s\n", cmdString)

// Execute the command
clearCacheCmd := "trivy k8s --clear-cache"
out, err := executeCommandTrivy(cmdString)

// Handle errors and process the command output as needed
if err != nil {
log.Printf("Error executing command: %v\n", err)
return err
}
// Log the command output for debugging purposes
log.Printf("Command output: %s\n", out)
outStr := string(out)
parts := strings.SplitN(outStr, "{", 2)
Expand All @@ -59,11 +53,15 @@ func RunTrivyK8sClusterScan(js nats.JetStreamContext) error {
log.Printf("Error occurred while Unmarshalling json for k8s cluster scan: %v", err)
return err
}
_, err = executeCommandTrivy(clearCacheCmd)
if err != nil {
log.Printf("Error executing command: %v\n", err)
return err
}
err = publishTrivyK8sReport(report, js)
if err != nil {
return err
}
cleanupCache("/tmp/.cache")
return nil
}

Expand Down
11 changes: 9 additions & 2 deletions agent/kubviz/trivy_image.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,12 @@ import (
)

func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
clearCacheCmd := "trivy image --clear-cache"

images, err := ListImages(config)
if err != nil {
log.Fatal(err)
log.Println("error occured while trying to list images, error :", err.Error())
return err
}

for _, image := range images {
Expand All @@ -44,11 +47,15 @@ func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
log.Printf("Error occurred while Unmarshalling json for image: %v", err)
continue // Move on to the next image in case of an error
}
_, err = executeCommandTrivy(clearCacheCmd)
if err != nil {
log.Printf("Error executing command: %v\n", err)
return err
}
err = publishImageScanReports(report, js)
if err != nil {
return err
}
cleanupCache("/tmp/.cache")
}
return nil
}
Expand Down
9 changes: 7 additions & 2 deletions agent/kubviz/trivy_sbom.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ func executeCommandSbom(command string) ([]byte, error) {
}

func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
clearCacheCmd := "trivy image --clear-cache"

log.Println("trivy sbom run started")
images, err := ListImages(config)

Expand Down Expand Up @@ -75,10 +77,13 @@ func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
continue // Move on to the next image in case of an error
}
// log.Println("report", report)

_, err = executeCommandTrivy(clearCacheCmd)
if err != nil {
log.Printf("Error executing command: %v\n", err)
return err
}
// Publish the report using the given function
publishTrivySbomReport(report, js)
cleanupCache("/tmp/.cache")
}
return nil
}

0 comments on commit e564391

Please sign in to comment.