Skip to content

Commit

Permalink
Merge pull request #4567 from zhzhuang-zju/format
Browse files Browse the repository at this point in the history 
add flag -f format to scan-image-vuln.sh
  • Loading branch information
@karmada-bot
karmada-bot authored Jan 21, 2024
2 parents c345831 + 103d558 commit f054313
Showing 1 changed file with 11 additions and 7 deletions.
18 changes: 11 additions & 7 deletions hack/scan-image-vuln.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ set -o pipefail

function usage() {
echo "Usage:"
echo " hack/scan-image-vuln.sh [-i imageRef] [-r registry] [-v version] [-s skip-image-generation] [-h]"
echo " hack/scan-image-vuln.sh [-i imageRef] [-r registry] [-v version] [-s skip-image-generation] [-f format][-h]"
echo "Examples:"
echo " # starts a images scanning with specific image provided"
echo " hack/scan-image-vuln.sh -i docker.io/karmada/karmada-controller-manager:v1.8.0"
Expand All @@ -40,13 +40,11 @@ function usage() {
echo " r registry: registry of images"
echo " v version: version of images"
echo " s skip-image-generation: whether to skip image generation"
echo " f format: output format(table). must be one of ['table' 'json' 'template' 'sarif' 'cyclonedx' 'spdx' 'spdx-json' 'github' 'cosign-vuln']"
echo " h: print help information"
}

SKIP_IMAGE_GENERAION="false"
IMAGEREF=""

while getopts 'h:si:r:v:' OPT; do
while getopts 'h:si:r:v:f:' OPT; do
case $OPT in
h)
usage
Expand All @@ -60,13 +58,19 @@ while getopts 'h:si:r:v:' OPT; do
REGISTRY=${OPTARG};;
v)
VERSION=${OPTARG};;
f)
FORMAT=${OPTARG};;
?)
usage
exit 1
;;
esac
done

FORMAT=${FORMAT:-"table"}
SKIP_IMAGE_GENERAION=${SKIP_IMAGE_GENERAION:-"false"}
IMAGEREF=${IMAGEREF:-""}

source "hack/util.sh"

echo -n "Preparing: 'trivy' existence check - "
Expand All @@ -79,7 +83,7 @@ fi

if [ ${IMAGEREF} ];then
echo "---------------------------- the image scanning result of Image <<${IMAGEREF}>> ----------------------------"
trivy image --format table --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q ${IMAGEREF}
trivy image --format ${FORMAT} --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q ${IMAGEREF}
exit 0
fi

Expand Down Expand Up @@ -110,5 +114,5 @@ for image in ${IMAGE_ARRAR[@]}
do
imageRef="$REGISTRY/$image:$VERSION"
echo "---------------------------- the image scanning result of Image <<$imageRef>> ----------------------------"
trivy image --format table --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q $imageRef
trivy image --format ${FORMAT} --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q $imageRef
done

0 comments on commit f054313

Please sign in to comment.