From 1a7d5e6d2f78a758ddbafc61cb7fd3341a0459a5 Mon Sep 17 00:00:00 2001
From: Nithunikzz
Date: Tue, 16 Apr 2024 11:36:00 +0530
Subject: [PATCH 1/2] added trivy event time
---
 client/pkg/clickhouse/db_client.go | 3 ++-
 client/pkg/clickhouse/statements.go | 4 ++--
 sql/0000011_trivyimage.up.sql | 1 +
 3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/client/pkg/clickhouse/db_client.go b/client/pkg/clickhouse/db_client.go
index 065631f6..7415a378 100644
--- a/client/pkg/clickhouse/db_client.go
+++ b/client/pkg/clickhouse/db_client.go
@@ -799,7 +799,7 @@ func (c *DBClient) InsertTrivyImageMetrics(metrics model.TrivyImage) {
 _, span := tracer.Start(opentelemetry.BuildContext(ctx), "InsertTrivyImageMetrics")
 span.SetAttributes(attribute.String("trivy-image-client", "insert"))
 defer span.End()
-
+ currentTime := time.Now().UTC()
 for _, result := range metrics.Report.Results {
 for _, vulnerability := range result.Vulnerabilities {
 tx, err := c.conn.Begin()
@@ -830,6 +830,7 @@ func (c *DBClient) InsertTrivyImageMetrics(metrics model.TrivyImage) {
 vulnerability.Severity,
 vulnerability.PublishedDate,
 vulnerability.LastModifiedDate,
+ currentTime,
 ); err != nil {
 log.Fatal(err)
 }
diff --git a/client/pkg/clickhouse/statements.go b/client/pkg/clickhouse/statements.go
index 22406fbe..c75571c3 100644
--- a/client/pkg/clickhouse/statements.go
+++ b/client/pkg/clickhouse/statements.go
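Review bot: `currentTime` is the client's wall clock, read once before the loops, so the `EventTime` passed in the second hunk records when this process inserted the report rather than when the image was scanned, and every vulnerability row of one report gets the identical value. That is a defensible choice, but nothing in the code says so, and anyone building a vulnerability timeline from this column will read it as scan time even when the message was queued or replayed. I would add a comment above the assignment, e.g. `// EventTime is the ingestion time (UTC), shared by all rows of this report; it is not the scan time.` If `model.TrivyImage` carries a scan timestamp (not visible here), that would be the better source. The function body starts and ends outside both hunks.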
@@ -227,10 +227,10 @@ const clickhouseExperimental DBStatement = `SET allow_experimental_object_type=1
 const containerGithubTable DBStatement = `CREATE table IF NOT EXISTS container_github(event JSON) ENGINE = MergeTree ORDER BY tuple();`
 const InsertKubeScore string = "INSERT INTO kubescore(id,clustername,object_name,kind,apiVersion,name,namespace,target_type,description,path,summary,file_name,file_row,EventTime) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?)"
 const InsertTrivyVul string = "INSERT INTO trivy_vul (id, cluster_name, namespace, kind, name, vul_id, vul_vendor_ids, vul_pkg_id, vul_pkg_name, vul_pkg_path, vul_installed_version, vul_fixed_version, vul_title, vul_severity, vul_published_date, vul_last_modified_date) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?. ?)"
-const InsertTrivyImage string = "INSERT INTO trivyimage (id, cluster_name, artifact_name, vul_id, vul_pkg_id, vul_pkg_name, vul_installed_version, vul_fixed_version, vul_title, vul_severity, vul_published_date, vul_last_modified_date) VALUES ( ?, ?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
+const InsertTrivyImage string = "INSERT INTO trivyimage (id, cluster_name, artifact_name, vul_id, vul_pkg_id, vul_pkg_name, vul_installed_version, vul_fixed_version, vul_title, vul_severity, vul_published_date, vul_last_modified_date,EventTime) VALUES ( ?, ?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?,?)"
 const InsertTrivyMisconfig string = "INSERT INTO trivy_misconfig (id, cluster_name, namespace, kind, name, misconfig_id, misconfig_avdid, misconfig_type, misconfig_title, misconfig_desc, misconfig_msg, misconfig_query, misconfig_resolution, misconfig_severity, misconfig_status, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertAzureContainerPushEvent DBStatement = "INSERT INTO azurecontainerpush (RegistryURL, RepositoryName, Tag, ImageName, Event, Size, SHAID, EventTime) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertTrivySbom string = "INSERT INTO trivysbom (id, cluster_name, bom_format, serial_number, bom_ref, image_name, component_type, package_url, event_time, other_component_name) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertQuayContainerPushEvent DBStatement = "INSERT INTO quaycontainerpush (name, repository, nameSpace, dockerURL, homePage, tag, Event, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertJfrogContainerPushEvent DBStatement = "INSERT INTO jfrogcontainerpush (Domain, EventType, RegistryURL, RepositoryName, SHAID, Size, ImageName, Tag, Event, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
-const InsertKuberhealthy string = "INSERT INTO kuberhealthy (CurrentUUID, CheckName, OK, Errors, RunDuration, Namespace, Node, LastRun, AuthoritativePod) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
\ No newline at end of file
+const InsertKuberhealthy string = "INSERT INTO kuberhealthy (CurrentUUID, CheckName, OK, Errors, RunDuration, Namespace, Node, LastRun, AuthoritativePod) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
diff --git a/sql/0000011_trivyimage.up.sql b/sql/0000011_trivyimage.up.sql
index acab7047..29e5ad1c 100644
--- a/sql/0000011_trivyimage.up.sql
+++ b/sql/0000011_trivyimage.up.sql
@@ -11,6 +11,7 @@ CREATE TABLE IF NOT EXISTS trivyimage (
 vul_severity String,
 vul_published_date DateTime('UTC'),
 vul_last_modified_date DateTime('UTC'),
+ EventTime DateTime('UTC'),
 ExpiryDate DateTime DEFAULT now() + INTERVAL {{.TTLValue}} {{.TTLUnit}},
 ExportedAt DateTime DEFAULT NULL
 ) ENGINE = MergeTree()
From 98177bf8377347320eafb0077ae0fcaace13282d Mon Sep 17 00:00:00 2001
From: Nithunikzz
Date: Tue, 16 Apr 2024 11:51:14 +0530
Subject: [PATCH 2/2] kuberhealthy url fix
---
 charts/agent/Chart.yaml | 2 +-
 charts/agent/values.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml
index 5e80c02f..33444035 100644
--- a/charts/agent/Chart.yaml
+++ b/charts/agent/Chart.yaml
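Review bot: The new `InsertTrivyImage` line appends its column and placeholder without the spacing used elsewhere in the statement (`vul_last_modified_date,EventTime` and `?,?`). I would write `vul_last_modified_date, EventTime)` and `?, ?)` so the 13 columns and 13 placeholders can be counted at a glance, since a mismatch with the arguments passed in db_client.go only surfaces at insert time. While in this block, the unchanged `InsertTrivyVul` context line ends its placeholder list with `?. ?`, which looks like a typo for `?, ?` and would presumably make that statement fail when it is used.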
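Review bot: Adding `EventTime` inside the existing `CREATE TABLE IF NOT EXISTS trivyimage` of migration 0000011 has no effect on a database where the table already exists, and a migration runner that tracks applied versions would presumably not re-run this file either. On such a deployment the 13-column `InsertTrivyImage` from statements.go would be rejected for an unknown column, and the error path visible in the db_client.go hunk is `log.Fatal(err)`, so the client would exit and Trivy image findings would stop being stored. I would leave 0000011 as it was and ship the column in a new migration, e.g. `ALTER TABLE trivyimage ADD COLUMN IF NOT EXISTS EventTime DateTime('UTC');`, with a matching down file. The CREATE TABLE statement continues past the end of the hunk.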
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.1.19
+version: 1.1.20
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/agent/values.yaml b/charts/agent/values.yaml
index 46b6980d..5ac670e1 100644
--- a/charts/agent/values.yaml
+++ b/charts/agent/values.yaml
@@ -188,7 +188,7 @@ schedule:
 kuberhealthy:
 enabled: true
 pollInterval: "60m"
- url: "http://kuberhealthy:8080"
+ url: "http://kuberhealthy:80"
 check:
 podRestarts:
 enabled: true