Merge pull request #277 from intelops/minorchanges

added cache clearing command for trivy image, trivy sbom, and trivy k8s

Author: vijeyash1

agent/kubviz/trivy.go

@@ -31,18 +31,12 @@ func executeCommandTrivy(command string) ([]byte, error) {
 func RunTrivyK8sClusterScan(js nats.JetStreamContext) error {
 	var report report.ConsolidatedReport
 	cmdString := "trivy k8s --report summary cluster --exclude-nodes kubernetes.io/arch:amd64 --timeout 60m -f json --cache-dir /tmp/.cache --debug"
-
-	// Log the command before execution
-	log.Printf("Executing command: %s\n", cmdString)
-
-	// Execute the command
+	clearCacheCmd := "trivy k8s --clear-cache"
 	out, err := executeCommandTrivy(cmdString)
-
-	// Handle errors and process the command output as needed
 	if err != nil {
 		log.Printf("Error executing command: %v\n", err)
+		return err
 	}
-	// Log the command output for debugging purposes
 	log.Printf("Command output: %s\n", out)
 	outStr := string(out)
 	parts := strings.SplitN(outStr, "{", 2)
@@ -59,11 +53,15 @@ func RunTrivyK8sClusterScan(js nats.JetStreamContext) error {
 		log.Printf("Error occurred while Unmarshalling json for k8s cluster scan: %v", err)
 		return err
 	}
+	_, err = executeCommandTrivy(clearCacheCmd)
+	if err != nil {
+		log.Printf("Error executing command: %v\n", err)
+		return err
+	}
 	err = publishTrivyK8sReport(report, js)
 	if err != nil {
 		return err
 	}
-	cleanupCache("/tmp/.cache")
 	return nil
 }
 

agent/kubviz/trivy_image.go

@@ -15,9 +15,12 @@ import (
 )
 
 func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
+	clearCacheCmd := "trivy image --clear-cache"
+
 	images, err := ListImages(config)
 	if err != nil {
-		log.Fatal(err)
+		log.Println("error occured while trying to list images, error :", err.Error())
+		return err
 	}
 
 	for _, image := range images {
@@ -44,11 +47,15 @@ func RunTrivyImageScans(config *rest.Config, js nats.JetStreamContext) error {
 			log.Printf("Error occurred while Unmarshalling json for image: %v", err)
 			continue // Move on to the next image in case of an error
 		}
+		_, err = executeCommandTrivy(clearCacheCmd)
+		if err != nil {
+			log.Printf("Error executing command: %v\n", err)
+			return err
+		}
 		err = publishImageScanReports(report, js)
 		if err != nil {
 			return err
 		}
-		cleanupCache("/tmp/.cache")
 	}
 	return nil
 }

agent/kubviz/trivy_sbom.go

@@ -46,6 +46,8 @@ func executeCommandSbom(command string) ([]byte, error) {
 }
 
 func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
+	clearCacheCmd := "trivy image --clear-cache"
+
 	log.Println("trivy sbom run started")
 	images, err := ListImages(config)
 
@@ -75,10 +77,13 @@ func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
 			continue // Move on to the next image in case of an error
 		}
 		// log.Println("report", report)
-
+		_, err = executeCommandTrivy(clearCacheCmd)
+		if err != nil {
+			log.Printf("Error executing command: %v\n", err)
+			return err
+		}
 		// Publish the report using the given function
 		publishTrivySbomReport(report, js)
-		cleanupCache("/tmp/.cache")
 	}
 	return nil
 }