fix: Allow to use inline-scanning with on-prem installations

nestorsalceda · nestorsalceda · commit be24483337d9 · 2020-08-19T12:46:10.000+02:00
diff --git a/cmd/harbor-scanner-sysdig-secure/main.go b/cmd/harbor-scanner-sysdig-secure/main.go
@@ -80,6 +80,7 @@ func getAdapter() scanner.Adapter {
 		return scanner.NewInlineAdapter(
 			client,
 			clientset,
+			viper.GetString("secure_url"),
 			viper.GetString("namespace_name"),
 			viper.GetString("configmap_name"),
 			viper.GetString("secret_name"))
diff --git a/pkg/scanner/inline_adapter.go b/pkg/scanner/inline_adapter.go
@@ -19,16 +19,18 @@ import (
 type inlineAdapter struct {
 	BaseAdapter
 	k8sClient kubernetes.Interface
+	secureURL string
 	namespace string
 	configMap string
 	secret    string
 	jobTTL    int32
 }
 
-func NewInlineAdapter(secureClient secure.Client, k8sClient kubernetes.Interface, namespace string, configMap string, secret string) Adapter {
+func NewInlineAdapter(secureClient secure.Client, k8sClient kubernetes.Interface, secureURL string, namespace string, configMap string, secret string) Adapter {
 	return &inlineAdapter{
 		BaseAdapter: BaseAdapter{secureClient: secureClient},
 		k8sClient:   k8sClient,
+		secureURL:   secureURL,
 		namespace:   namespace,
 		configMap:   configMap,
 		secret:      secret,
@@ -100,7 +102,7 @@ func (i *inlineAdapter) buildJob(req harbor.ScanRequest) *batchv1.Job {
 							Command: []string{"/bin/bash"},
 							Args: []string{
 								"-c",
-								fmt.Sprintf("docker login harbor.sysdig-demo.zone -u '$(HARBOR_ROBOTACCOUNT_USER)' -p '$(HARBOR_ROBOTACCOUNT_PASSWORD)' && (/bin/inline_scan.sh analyze -k '$(SYSDIG_SECURE_API_TOKEN)' -d '%s' -P %s || true )", req.Artifact.Digest, getImageFrom(req)),
+								fmt.Sprintf("docker login harbor.sysdig-demo.zone -u '$(HARBOR_ROBOTACCOUNT_USER)' -p '$(HARBOR_ROBOTACCOUNT_PASSWORD)' && (/bin/inline_scan.sh analyze -s '%s' -k '$(SYSDIG_SECURE_API_TOKEN)' -d '%s' -P %s || true )", i.secureURL, req.Artifact.Digest, getImageFrom(req)),
 							},
 							Env: []corev1.EnvVar{
 								{
diff --git a/pkg/scanner/inline_adapter_test.go b/pkg/scanner/inline_adapter_test.go
@@ -25,6 +25,7 @@ import (
 )
 
 const (
+	secureURL    = "https://secure.sysdig.com"
 	namespace    = "a-namespace"
 	configMap    = "a-configmap"
 	secret       = "a-secret"
@@ -43,7 +44,7 @@ var _ = Describe("InlineAdapter", func() {
 		controller = gomock.NewController(GinkgoT())
 		client = mocks.NewMockClient(controller)
 		k8sClient = fake.NewSimpleClientset()
-		inlineAdapter = scanner.NewInlineAdapter(client, k8sClient, namespace, configMap, secret)
+		inlineAdapter = scanner.NewInlineAdapter(client, k8sClient, secureURL, namespace, configMap, secret)
 	})
 
 	AfterEach(func() {
@@ -175,7 +176,7 @@ func job() *batchv1.Job {
 							Command: []string{"/bin/bash"},
 							Args: []string{
 								"-c",
-								"docker login harbor.sysdig-demo.zone -u '$(HARBOR_ROBOTACCOUNT_USER)' -p '$(HARBOR_ROBOTACCOUNT_PASSWORD)' && (/bin/inline_scan.sh analyze -k '$(SYSDIG_SECURE_API_TOKEN)' -d 'an image digest' -P harbor.sysdig-demo.zone/sysdig/agent:9.7.0 || true )",
+								"docker login harbor.sysdig-demo.zone -u '$(HARBOR_ROBOTACCOUNT_USER)' -p '$(HARBOR_ROBOTACCOUNT_PASSWORD)' && (/bin/inline_scan.sh analyze -s 'https://secure.sysdig.com' -k '$(SYSDIG_SECURE_API_TOKEN)' -d 'an image digest' -P harbor.sysdig-demo.zone/sysdig/agent:9.7.0 || true )",
 							},
 							Env: []corev1.EnvVar{
 								{
