1+ #! /usr/bin/env bash
2+ # Copyright 2022 The Kubernetes Authors.
3+ #
4+ # Licensed under the Apache License, Version 2.0 (the "License");
5+ # you may not use this file except in compliance with the License.
6+ # You may obtain a copy of the License at
7+ #
8+ # http://www.apache.org/licenses/LICENSE-2.0
9+ #
10+ # Unless required by applicable law or agreed to in writing, software
11+ # distributed under the License is distributed on an "AS IS" BASIS,
12+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+ # See the License for the specific language governing permissions and
14+ # limitations under the License.
15+
16+ set -o errexit
17+ set -o nounset
18+ set -o pipefail
19+
20+ TRIVY_VERSION=0.34.0
21+
22+ GO_OS=" $( go env GOOS) "
23+ if [[ " ${GO_OS} " == " linux" ; then
24+ TRIVY_OS=" Linux"
25+ elif [[ " ${GO_OS} " == " darwin" * ]]; then
26+ TRIVY_OS=" macOS"
27+ fi
28+
29+ GO_ARCH=" $( go env GOARCH) "
30+ if [[ " ${GO_ARCH} " == " amd" ; then
31+ TRIVY_ARCH=" 32bit"
32+ elif [[ " ${GO_ARCH} " == " amd64" * ]]; then
33+ TRIVY_ARCH=" 64bit"
34+ elif [[ " ${GO_ARCH} " == " arm" ; then
35+ TRIVY_ARCH=" ARM"
36+ elif [[ " ${GO_ARCH} " == " arm64" ; then
37+ TRIVY_ARCH=" ARM64"
38+ fi
39+
40+ TOOL_BIN=hack/tools/bin
41+ mkdir -p ${TOOL_BIN}
42+
43+ # Downloads trivy scanner
44+ curl -L -o ${TOOL_BIN} /trivy.tar.gz \
45+ https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION} /trivy_${TRIVY_VERSION} _${TRIVY_OS} -${TRIVY_ARCH} .tar.gz \
46+
47+ tar xfO ${TOOL_BIN} /trivy.tar.gz trivy > ${TOOL_BIN} /trivy
48+ chmod +x ${TOOL_BIN} /trivy
49+ rm ${TOOL_BIN} /trivy.tar.gz
50+
51+ # # Builds the container images to be scanned
52+ make REGISTRY=gcr.io/k8s-staging-cluster-api-aws PULL_POLICY=IfNotPresent TAG=dev docker-build
53+
54+ # Scan the images
55+ ${TOOL_BIN} /trivy image -q gcr.io/k8s-staging-cluster-api-aws/cluster-api-aws-controller-${GO_ARCH} :dev
0 commit comments