更新trivy的基础镜像版本到0.47.0，更新工具框架版本到0.0.29

TencentBlueKing · Dec 1, 2023 · 6f0217c · 6f0217c
1 parent b6484a6
commit 6f0217c
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 8 deletions.
diff --git a/trivy/Dockerfile b/trivy/Dockerfile
@@ -1,4 +1,4 @@
-FROM aquasec/trivy:0.42.1
+FROM aquasec/trivy:0.47.0
 
 COPY bkrepo-trivy /bkrepo-trivy
 RUN chmod +x /bkrepo-trivy

diff --git a/trivy/go.mod b/trivy/go.mod
@@ -2,7 +2,7 @@ module github.com/TencentBlueKing/ci-repoAnalysis/trivy
 
 go 1.21.0
 
-require github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.28
+require github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.29
 
 require (
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect

diff --git a/trivy/go.sum b/trivy/go.sum
@@ -1,5 +1,5 @@
-github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.28 h1:XLPkvJYWpLExlLowXdlY1SAYsiGmqEqb21MfXHF57tg=
-github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.28/go.mod h1:gaNOplWKoBM1MBtwllE4y/x1UfXdvlBgLUrECkdnLPE=
+github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.29 h1:ElglKqgntisGcj+RKJkNIdT25p9wjMmFB1d+C0O31xk=
+github.com/TencentBlueKing/ci-repoAnalysis/analysis-tool-sdk-golang v0.0.29/go.mod h1:gaNOplWKoBM1MBtwllE4y/x1UfXdvlBgLUrECkdnLPE=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=

diff --git a/trivy/pkg/scan_executor.go b/trivy/pkg/scan_executor.go
@@ -1,6 +1,7 @@
 package pkg
 
 import (
+	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -16,7 +17,7 @@ import (
 type TrivyExecutor struct{}
 
 // Execute 执行分析
-func (e TrivyExecutor) Execute(config *object.ToolConfig, file *os.File) (*object.ToolOutput, error) {
+func (e TrivyExecutor) Execute(ctx context.Context, config *object.ToolConfig, file *os.File) (*object.ToolOutput, error) {
 	offline, err := config.GetBoolArg(constant.ConfigOffline)
 	if err != nil {
 		offline = len(config.GetStringArg(constant.ArgDbDownloadUrl)) > 0
@@ -27,7 +28,7 @@ func (e TrivyExecutor) Execute(config *object.ToolConfig, file *os.File) (*objec
 		}
 	}
 
-	if err := execTrivy(file.Name(), offline, config); err != nil {
+	if err := execTrivy(ctx, file.Name(), offline, config); err != nil {
 		return nil, err
 	}
 	return transformOutputJson()
@@ -55,7 +56,7 @@ func downloadAllDB(config *object.ToolConfig) error {
 	return nil
 }
 
-func execTrivy(fileName string, offline bool, config *object.ToolConfig) error {
+func execTrivy(ctx context.Context, fileName string, offline bool, config *object.ToolConfig) error {
 	// trivy --cache-dir /root/.cache/trivy image --input filePath -f json
 	//       -o /bkrepo/workspace/trivy-output.json --skip-db-update --offline-scan
 
@@ -99,7 +100,7 @@ func execTrivy(fileName string, offline bool, config *object.ToolConfig) error {
 		args = append(args, constant.FlagSecretConfig, constant.SecretRuleFilePath)
 	}
 
-	if err := util.ExecAndLog(constant.CmdTrivy, args, ""); err != nil {
+	if err := util.ExecAndLog(ctx, constant.CmdTrivy, args, ""); err != nil {
 		return err
 	}
 	return nil