wip 1 - trivy somewhat works

Author: andrzej-janczak

.codacy/codacy.yaml

@@ -2,3 +2,4 @@ runtimes:
     - [email protected]
 tools:
     - [email protected]
+    - [email protected]

cmd/init.go

@@ -71,9 +71,9 @@ func createConfigurationFile(tools []tools.Tool) error {
 }
 
 func configFileTemplate(tools []tools.Tool) string {
-
-	// Default version
+	// Default versions
 	eslintVersion := "9.3.0"
+	trivyVersion := "0.49.1"
 
 	for _, tool := range tools {
 		if tool.Uuid == "f8b29663-2cb2-498d-b923-a10c6a8c05cd" {
@@ -85,7 +85,8 @@ func configFileTemplate(tools []tools.Tool) string {
     - [email protected]
 tools:
     - eslint@%s
-`, eslintVersion)
+    - trivy@%s
+`, eslintVersion, trivyVersion)
 }
 
 func buildRepositoryConfigurationFiles(token string) error {

cmd/install.go

@@ -43,6 +43,12 @@ func installTools(config *cfg.ConfigType) {
 				fmt.Println(err.Error())
 				log.Fatal(err)
 			}
+		case "trivy":
+			err := cfg.InstallTrivy(tool, registry)
+			if err != nil {
+				fmt.Println(err.Error())
+				log.Fatal(err)
+			}
 		default:
 			log.Fatal("Unknown tool:", tool.Name())
 		}

config/runtime.go

@@ -32,6 +32,18 @@ func (r *Runtime) populateInfo() {
 	switch r.Name() {
 	case "eslint":
 		r.info = genInfoEslint(r)
+	case "trivy":
+		r.info = genInfoTrivy(r)
+	}
+}
+
+// genInfoTrivy generates the info map for Trivy
+func genInfoTrivy(r *Runtime) map[string]string {
+	return map[string]string{
+		"name":        r.name,
+		"version":     r.version,
+		"description": "Container and Filesystem Vulnerability Scanner",
+		"binary":      "trivy",
 	}
 }
 

config/trivy-utils.go

@@ -0,0 +1,119 @@
+package config
+
+import (
+	"fmt"
+	"io"
+	"log"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+)
+
+/*
+ * This installs Trivy using the official install script
+ */
+func InstallTrivy(trivyConfig *Runtime, registry string) error {
+	log.Println("Installing Trivy")
+
+	// Create Trivy installation directory
+	trivyFolder := fmt.Sprintf("%s@%s", trivyConfig.Name(), trivyConfig.Version())
+	installDir := filepath.Join(Config.ToolsDirectory(), trivyFolder)
+
+	// Check if already installed
+	if isTrivyInstalled(trivyConfig) {
+		fmt.Printf("Trivy %s is already installed\n", trivyConfig.Version())
+		return nil
+	}
+
+	// Create installation directory
+	err := os.MkdirAll(installDir, 0755)
+	if err != nil {
+		return fmt.Errorf("failed to create installation directory: %w", err)
+	}
+
+	// Use the official install script to download and install Trivy
+	version := fmt.Sprintf("v%s", trivyConfig.Version())
+	installScriptURL := "https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh"
+
+	log.Printf("Installing Trivy %s using the official install script\n", version)
+
+	// Create a temporary directory for the installation
+	tempDir := filepath.Join(installDir, "temp")
+	err = os.MkdirAll(tempDir, 0755)
+	if err != nil {
+		return fmt.Errorf("failed to create temporary directory: %w", err)
+	}
+
+	// Download and run the install script
+	cmd := exec.Command("sh", "-c", fmt.Sprintf("curl -sfL %s | sh -s -- -b %s %s",
+		installScriptURL, tempDir, version))
+
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		return fmt.Errorf("failed to run Trivy install script: %w\nOutput: %s", err, string(output))
+	}
+
+	log.Printf("Install script output: %s\n", string(output))
+
+	// Copy the Trivy binary to the final location
+	sourcePath := filepath.Join(tempDir, "trivy")
+	if runtime.GOOS == "windows" {
+		sourcePath += ".exe"
+	}
+
+	binaryPath := filepath.Join(installDir, "trivy")
+	if runtime.GOOS == "windows" {
+		binaryPath += ".exe"
+	}
+
+	// Check if the source binary exists
+	if _, err := os.Stat(sourcePath); os.IsNotExist(err) {
+		return fmt.Errorf("trivy binary not found at %s after installation", sourcePath)
+	}
+
+	// Copy the binary to the final location
+	source, err := os.Open(sourcePath)
+	if err != nil {
+		return fmt.Errorf("failed to open source binary: %w", err)
+	}
+	defer source.Close()
+
+	destination, err := os.Create(binaryPath)
+	if err != nil {
+		return fmt.Errorf("failed to create destination binary: %w", err)
+	}
+	defer destination.Close()
+
+	_, err = io.Copy(destination, source)
+	if err != nil {
+		return fmt.Errorf("failed to copy binary: %w", err)
+	}
+
+	// Make the copied binary executable
+	err = os.Chmod(binaryPath, 0755)
+	if err != nil {
+		return fmt.Errorf("failed to make binary executable: %w", err)
+	}
+
+	// Clean up the temporary directory
+	os.RemoveAll(tempDir)
+
+	log.Printf("Successfully installed Trivy %s\n", trivyConfig.Version())
+	return nil
+}
+
+// isTrivyInstalled checks if Trivy is already installed
+func isTrivyInstalled(trivyConfig *Runtime) bool {
+	trivyFolder := fmt.Sprintf("%s@%s", trivyConfig.Name(), trivyConfig.Version())
+	installDir := filepath.Join(Config.ToolsDirectory(), trivyFolder)
+	binaryPath := filepath.Join(installDir, "trivy")
+
+	// Add .exe extension for Windows
+	if runtime.GOOS == "windows" {
+		binaryPath += ".exe"
+	}
+
+	_, err := os.Stat(binaryPath)
+	return err == nil
+}

plugins/tool-utils.go

@@ -0,0 +1,10 @@
+package plugins
+
+import (
+	"fmt"
+)
+
+// LoadToolPlugin stub implementation until the plugin system is complete
+func LoadToolPlugin(toolName string) (interface{}, error) {
+	return nil, fmt.Errorf("plugin system for tools is under development, tool %s cannot be loaded yet", toolName)
+}