
Commit b2eb54a

committed
added pvc in trivy sbom
1 parent 002c868 commit b2eb54a


2 files changed

+10
-17
lines changed


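--- a/agent/kubviz/trivy_image.go
+++ b/agent/kubviz/trivy_image.go
@@ -85,12 +85,3 @@ func publishImageScanReports(report types.Report, js nats.JetStreamContext) erro
 log.Printf("Trivy image report with ID:%s has been published\n", metrics.ID)
 return nil
 }
-
-func cleanupCache(cacheDir string) {
-err := os.RemoveAll(cacheDir)
-if err != nil {
-log.Printf("Failed to clean up cache directory %s: %v", cacheDir, err)
-} else {
-log.Printf("Cache directory %s cleaned up successfully", cacheDir)
-}
-}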

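--- a/agent/kubviz/trivy_sbom.go
+++ b/agent/kubviz/trivy_sbom.go
@@ -5,6 +5,7 @@ import (
 "encoding/json"
 "fmt"
 "log"
+"os"
 "os/exec"
 
 "github.com/aquasecurity/trivy/pkg/sbom/cyclonedx"
@@ -47,18 +48,20 @@ func executeCommandSbom(command string) ([]byte, error) {
 
 func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
 clearCacheCmd := "trivy image --clear-cache"
-
-log.Println("trivy sbom run started")
+pvcMountPath := "/mnt/agent/kbz"
+trivySbomCacheDir := fmt.Sprintf("%s/trivy-sbomcache", pvcMountPath)
+err := os.MkdirAll(trivySbomCacheDir, 0755)
+if err != nil {
+log.Printf("Error creating Trivy cache directory: %v\n", err)
+return err
+}
 images, err := ListImages(config)
-
 if err != nil {
 log.Printf("failed to list images: %v", err)
 }
 for _, image := range images {
-
-command := fmt.Sprintf("trivy image --format cyclonedx %s %s", image.PullableImage, "--cache-dir /tmp/.cache")
-out, err := executeCommandSbom(command)
-
+sbomcmd := fmt.Sprintf("trivy image --format cyclonedx %s --cache-dir %s", image.PullableImage, trivySbomCacheDir)
+out, err := executeCommandSbom(sbomcmd)
 if err != nil {
 log.Printf("Error executing Trivy for image sbom %s: %v", image.PullableImage, err)
 continue // Move on to the next image in case of an error
@@ -69,7 +72,6 @@ func RunTrivySbomScan(config *rest.Config, js nats.JetStreamContext) error {
 log.Printf("Trivy output is empty for image sbom %s", image.PullableImage)
 continue // Move on to the next image
 }
-
 var report cyclonedx.BOM
 err = json.Unmarshal(out, &report)
 if err != nil {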
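Review bot: The new `sbomcmd` line in the RunTrivySbomScan loop still formats `image.PullableImage` into one command string with `fmt.Sprintf`, and that value is whatever image reference `ListImages` reads from the cluster. The body of `executeCommandSbom` is outside this section, so it is not visible whether the string goes to a shell or is split on whitespace; either way a reference containing whitespace or shell metacharacters would change the command that runs. Passing the values as separate argv elements avoids this, e.g. `out, err := exec.Command("trivy", "image", "--format", "cyclonedx", "--cache-dir", trivySbomCacheDir, image.PullableImage).Output()`, or the reference should be validated before it is formatted in. Separately, the cache now persists on a volume, so `os.MkdirAll(trivySbomCacheDir, 0755)` could be `0750` unless other users must read it, and with the hard-coded `/mnt/agent/kbz` the directory would presumably be created on the container filesystem if the PVC is not mounted there. RunTrivySbomScan continues past the end of the last hunk.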
