feature: mirror of security/trivy-checks:0 image

Signed-off-by: Maxim Vasilenko <[email protected]>
deckhouse · Oct 14, 2024 · afca3a8 · afca3a8
1 parent 7bad692
commit afca3a8
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 0 deletions.
diff --git a/internal/mirror/cmd/vulndb/pull/pull.go b/internal/mirror/cmd/vulndb/pull/pull.go
@@ -106,6 +106,10 @@ func pull(_ *cobra.Command, _ []string) error {
  if err != nil {
  return fmt.Errorf("creating java db layout: %w", err)
  }
+ imageLayouts.TrivyChecks, err = layouts.CreateEmptyImageLayoutAtPath(filepath.Join(VulnerabilityDBPath, "trivy-checks"))
+ if err != nil {
+ return fmt.Errorf("creating java db layout: %w", err)
+ }
 
  if err := layouts.PullTrivyVulnerabilityDatabasesImages(pullContext, imageLayouts); err != nil {
  return fmt.Errorf("pull vulnerability databases: %w", err)

diff --git a/internal/mirror/cmd/vulndb/push/push.go b/internal/mirror/cmd/vulndb/push/push.go
@@ -93,6 +93,7 @@ func push(_ *cobra.Command, _ []string) error {
  path.Join(RegistryRepo, "security", "trivy-db"): filepath.Join(VulnerabilityDBPath, "trivy-db"),
  path.Join(RegistryRepo, "security", "trivy-bdu"): filepath.Join(VulnerabilityDBPath, "trivy-bdu"),
  path.Join(RegistryRepo, "security", "trivy-java-db"): filepath.Join(VulnerabilityDBPath, "trivy-java-db"),
+ path.Join(RegistryRepo, "security", "trivy-checks"): filepath.Join(VulnerabilityDBPath, "trivy-checks"),
  }
 
  repoCount := 0

diff --git a/pkg/libmirror/layouts/layouts.go b/pkg/libmirror/layouts/layouts.go
@@ -58,6 +58,8 @@ type ImageLayouts struct {
  TrivyBDUImages map[string]struct{}
  TrivyJavaDB layout.Path
  TrivyJavaDBImages map[string]struct{}
+ TrivyChecks layout.Path
+ TrivyChecksImages map[string]struct{}
 
  Modules map[string]ModuleImageLayout
 
@@ -90,6 +92,7 @@ func CreateOCIImageLayoutsForDeckhouse(
  &layouts.TrivyDB: filepath.Join(rootFolder, "security", "trivy-db"),
  &layouts.TrivyBDU: filepath.Join(rootFolder, "security", "trivy-bdu"),
  &layouts.TrivyJavaDB: filepath.Join(rootFolder, "security", "trivy-java-db"),
+ &layouts.TrivyChecks: filepath.Join(rootFolder, "security", "trivy-checks"),
  }
  for layoutPtr, fsPath := range fsPaths {
  *layoutPtr, err = CreateEmptyImageLayoutAtPath(fsPath)
@@ -183,6 +186,7 @@ func FillLayoutsWithBasicDeckhouseImages(
  mirrorCtx.DeckhouseRegistryRepo + "/security/trivy-db:2": {},
  mirrorCtx.DeckhouseRegistryRepo + "/security/trivy-bdu:1": {},
  mirrorCtx.DeckhouseRegistryRepo + "/security/trivy-java-db:1": {},
+ mirrorCtx.DeckhouseRegistryRepo + "/security/trivy-checks:0": {},
  }
 
  for _, version := range deckhouseVersions {

diff --git a/pkg/libmirror/layouts/pull.go b/pkg/libmirror/layouts/pull.go
@@ -127,6 +127,7 @@ func PullTrivyVulnerabilityDatabasesImages(
  layouts.TrivyDB: path.Join(pullCtx.DeckhouseRegistryRepo, "security", "trivy-db:2"),
  layouts.TrivyBDU: path.Join(pullCtx.DeckhouseRegistryRepo, "security", "trivy-bdu:1"),
  layouts.TrivyJavaDB: path.Join(pullCtx.DeckhouseRegistryRepo, "security", "trivy-java-db:1"),
+ layouts.TrivyChecks: path.Join(pullCtx.DeckhouseRegistryRepo, "security", "trivy-checks:0"),
  }
 
  for dbImageLayout, imageRef := range dbImages {

diff --git a/pkg/libmirror/operations/push.go b/pkg/libmirror/operations/push.go
@@ -103,6 +103,7 @@ func findLayoutsToPush(mirrorCtx *contexts.PushContext) (map[string]layout.Path,
  {"security", "trivy-db"},
  {"security", "trivy-bdu"},
  {"security", "trivy-java-db"},
+ {"security", "trivy-checks"},
  }
 
  for _, bundlePath := range bundlePaths {

diff --git a/testing/e2e/mirror/mirror_e2e_test.go b/testing/e2e/mirror/mirror_e2e_test.go
@@ -122,6 +122,7 @@ func createTrivyVulnerabilityDatabasesInRegistry(t *testing.T, repo string, inse
  repo + "/security/trivy-db:2",
  repo + "/security/trivy-bdu:1",
  repo + "/security/trivy-java-db:1",
+ repo + "/security/trivy-checks:0",
  }
 
  for _, image := range images {