diff --git a/Makefile b/Makefile index 922bf83..7691ab5 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,5 @@ -.PHONY: gettestgrype -gettestgrype: - curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b ./internal/handler/testassets/bin \ No newline at end of file +.PHONY: gettrivy +gettrivy: + mkdir -p internal/handler/testassets/bin/trivy/ && wget -O - https://github.com/aquasecurity/trivy/releases/download/v0.45.0/trivy_0.45.0_Linux-64bit.tar.gz | tar -zxvf - -C internal/handler/testassets/bin/trivy/ + + diff --git a/internal/handler/insightsParserFilter.go b/internal/handler/insightsParserFilter.go index 40ac341..8e7fee1 100644 --- a/internal/handler/insightsParserFilter.go +++ b/internal/handler/insightsParserFilter.go @@ -61,6 +61,16 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC } source := fmt.Sprintf("insights:sbom:%s", resource.Service) + //// Add sbom onto processing queue + // + //SbomQueuePush(sbomQueueItem{ + // EnvironmentId: environment.Id, + // Service: "test", + // SBOM: *bom, + //}) + + //err := SbomToProblems() + // Process SBOM into facts facts := processFactsFromSBOM(bom.Components, environment.Id, source) @@ -75,14 +85,6 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC log.Printf("Successfully decoded SBOM of image %s with %s, found %d for '%s:%s'", bom.Metadata.Component.Name, (*bom.Metadata.Tools)[0].Name, len(*bom.Components), resource.Project, resource.Environment) - // Add sbom onto processing queue - - SbomQueuePush(sbomQueueItem{ - EnvironmentId: environment.Id, - Service: "test", - SBOM: *bom, - }) - return facts, source, nil } diff --git a/internal/handler/trivyProcessing.go b/internal/handler/trivyProcessing.go index cde13cc..b816031 100644 --- a/internal/handler/trivyProcessing.go +++ b/internal/handler/trivyProcessing.go @@ -62,6 +62,27 @@ func sbomQueuePop() *sbomQueueItem { return nil } +func SbomToProblems(trivyRemoteAddress string, bomWriteDirectory string, environmentId int, service string, sbom cyclonedx.BOM) error { + rep, err := executeProcessingTrivy(trivyRemoteAddress, bomWriteDirectory, sbom) + if err != nil { + return err + } + + problems, err := trivyReportToProblems(environmentId, problemSource, service, rep) + + if err != nil { + return err + } + + err = writeProblemsArrayToApi(environmentId, problemSource, service, problems) + + if err != nil { + return err + } + + return nil +} + func processQueue() { for { i := sbomQueuePop()