redup trivy

puzzle · Nov 12, 2024 · 3dc71f7 · 3dc71f7
1 parent c47166b
commit 3dc71f7
Showing 1 changed file with 12 additions and 43 deletions.
diff --git a/ci/main.go b/ci/main.go
@@ -18,7 +18,6 @@ import (
 	"context"
 	"dagger/ci/internal/dagger"
 	"fmt"
-    "sync"
 )
 
 type Ci struct{}
@@ -112,7 +111,14 @@ func (m *Ci) Test(ctx context.Context, dir *dagger.Directory) *dagger.Container
 
 // Creates an SBOM for the container
 func (m *Ci) Sbom(container *dagger.Container) *dagger.File {
-	trivy := m.Trivy()
+	trivy_container := dag.Container().
+		From("aquasec/trivy").
+		WithEnvVariable("TRIVY_JAVA_DB_REPOSITORY", "public.ecr.aws/aquasecurity/trivy-java-db")
+
+	trivy := dag.Trivy(dagger.TrivyOpts{
+		Container:          trivy_container,
+		DatabaseRepository: "public.ecr.aws/aquasecurity/trivy-db",
+	})
 
 	sbom := trivy.Container(container).
 		Report("cyclonedx").
@@ -130,21 +136,16 @@ func (m *Ci) SbomBuild(ctx context.Context, dir *dagger.Directory) *dagger.File
 
 // Scans the SBOM for vulnerabilities
 func (m *Ci) Vulnscan(sbom *dagger.File) *dagger.File {
-	trivy := m.Trivy()
-
-	return trivy.Sbom(sbom).Report("json")
-}
-
-// Creates and returns a custom trivy instance
-func (m *Ci) Trivy() *dagger.Trivy {
 	trivy_container := dag.Container().
 		From("aquasec/trivy").
 		WithEnvVariable("TRIVY_JAVA_DB_REPOSITORY", "public.ecr.aws/aquasecurity/trivy-java-db")
 
-	return dag.Trivy(dagger.TrivyOpts{
+	trivy := dag.Trivy(dagger.TrivyOpts{
 		Container:          trivy_container,
 		DatabaseRepository: "public.ecr.aws/aquasecurity/trivy-db",
 	})
+
+	return trivy.Sbom(sbom).Report("json")
 }
 
 // Executes all the steps and returns a Results object
@@ -154,43 +155,11 @@ func (m *Ci) Ci(ctx context.Context, dir *dagger.Directory) *Results {
 	image := m.Build(ctx, dir)
 	sbom := m.Sbom(image)
 	vulnerabilityScan := m.Vulnscan(sbom)
-	return &Results{
-		LintOutput:        lintOutput,
-		SecurityScan:      securityScan,
-		VulnerabilityScan: vulnerabilityScan,
-		Image:             image,
-	}
-}
-
-// Executes all the steps and returns a Results object
-func (m *Ci) CiIntegration(ctx context.Context, dir *dagger.Directory) *Results {
-	var wg sync.WaitGroup
-	wg.Add(3)
-
-	var lintOutput, _ = func() (string, error) {
-		defer wg.Done()
-		return "empty", error(nil) //m.Lint(ctx, dir)
-	}()
-
-	var securityScan = func() *dagger.File {
-		defer wg.Done()
-		return m.Sast(ctx, dir)
-	}()
-
-	//vulnerabilityScan := m.Vulnscan(ctx, m.SbomBuild(ctx, dir))
-
-	var image = func() *dagger.Container {
-		defer wg.Done()
-		return m.Build(ctx, dir)
-	}()
-
-	// This Blocks the execution until its counter become 0
-    wg.Wait()
 
 	return &Results{
 		LintOutput:        lintOutput,
 		SecurityScan:      securityScan,
-	//	VulnerabilityScan: vulnerabilityScan,
+		VulnerabilityScan: vulnerabilityScan,
 		Image:             image,
 	}
 }