Skip to content

Commit

Permalink
fix: add trivy-timeout on scan fs mode (aquasecurity#1591)
Browse files Browse the repository at this point in the history
* fix: add trivy-timeout on scan fs mode

Signed-off-by: chenk <[email protected]>

* fix add trivy-timeout on scan fs mode

Signed-off-by: chenk <[email protected]>

* fix add trivy-timeout on scan fs mode

Signed-off-by: chenk <[email protected]>

---------

Signed-off-by: chenk <[email protected]>
  • Loading branch information
chen-keinan authored Oct 25, 2023
1 parent 3343cac commit 477a753
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 0 deletions.
2 changes: 2 additions & 0 deletions pkg/plugins/trivy/plugin.go
Original file line number Diff line number Diff line change
Expand Up @@ -1472,6 +1472,7 @@ func (p *plugin) getPodSpecForStandaloneFSMode(ctx trivyoperator.PluginContext,
ConfigWorkloadAnnotationEnvVars(workload, SkipFilesAnnotation, "TRIVY_SKIP_FILES", trivyConfigName, keyTrivySkipFiles),
ConfigWorkloadAnnotationEnvVars(workload, SkipDirsAnnotation, "TRIVY_SKIP_DIRS", trivyConfigName, keyTrivySkipDirs),
constructEnvVarSourceFromConfigMap("HTTP_PROXY", trivyConfigName, keyTrivyHTTPProxy),
constructEnvVarSourceFromConfigMap("TRIVY_TIMEOUT", trivyConfigName, keyTrivyTimeout),
constructEnvVarSourceFromConfigMap("HTTPS_PROXY", trivyConfigName, keyTrivyHTTPSProxy),
constructEnvVarSourceFromConfigMap("NO_PROXY", trivyConfigName, keyTrivyNoProxy),
constructEnvVarSourceFromConfigMap("TRIVY_JAVA_DB_REPOSITORY", trivyConfigName, keyTrivyJavaDBRepository),
Expand Down Expand Up @@ -1672,6 +1673,7 @@ func (p *plugin) getPodSpecForClientServerFSMode(ctx trivyoperator.PluginContext
ConfigWorkloadAnnotationEnvVars(workload, SkipFilesAnnotation, "TRIVY_SKIP_FILES", trivyConfigName, keyTrivySkipFiles),
ConfigWorkloadAnnotationEnvVars(workload, SkipDirsAnnotation, "TRIVY_SKIP_DIRS", trivyConfigName, keyTrivySkipDirs),
constructEnvVarSourceFromConfigMap("HTTP_PROXY", trivyConfigName, keyTrivyHTTPProxy),
constructEnvVarSourceFromConfigMap("TRIVY_TIMEOUT", trivyConfigName, keyTrivyTimeout),
constructEnvVarSourceFromConfigMap("HTTPS_PROXY", trivyConfigName, keyTrivyHTTPSProxy),
constructEnvVarSourceFromConfigMap("NO_PROXY", trivyConfigName, keyTrivyNoProxy),
constructEnvVarSourceFromConfigMap("TRIVY_TOKEN_HEADER", trivyConfigName, keyTrivyServerTokenHeader),
Expand Down
65 changes: 65 additions & 0 deletions pkg/plugins/trivy/plugin_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4626,6 +4626,7 @@ default ignore = false`,
"trivy.resources.requests.memory": "100M",
"trivy.resources.limits.cpu": "500m",
"trivy.resources.limits.memory": "500M",
"trivy.timeout": "5m0s",
},
workloadSpec: &corev1.Pod{
TypeMeta: metav1.TypeMeta{
Expand Down Expand Up @@ -4866,6 +4867,18 @@ default ignore = false`,
},
},
},
{
Name: "TRIVY_TIMEOUT",
ValueFrom: &corev1.EnvVarSource{
ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "trivy-operator-trivy-config",
},
Key: "trivy.timeout",
Optional: pointer.Bool(true),
},
},
},
{
Name: "HTTPS_PROXY",
ValueFrom: &corev1.EnvVarSource{
Expand Down Expand Up @@ -4975,6 +4988,7 @@ default ignore = false`,
"trivy.resources.requests.memory": "100M",
"trivy.resources.limits.cpu": "500m",
"trivy.resources.limits.memory": "500M",
"trivy.timeout": "5m0s",
},
workloadSpec: &corev1.Pod{
TypeMeta: metav1.TypeMeta{
Expand Down Expand Up @@ -5118,6 +5132,18 @@ default ignore = false`,
},
},
},
{
Name: "TRIVY_TIMEOUT",
ValueFrom: &corev1.EnvVarSource{
ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "trivy-operator-trivy-config",
},
Key: "trivy.timeout",
Optional: pointer.Bool(true),
},
},
},
{
Name: "HTTPS_PROXY",
ValueFrom: &corev1.EnvVarSource{
Expand Down Expand Up @@ -5264,6 +5290,7 @@ default ignore = false`,
"trivy.resources.requests.memory": "100M",
"trivy.resources.limits.cpu": "500m",
"trivy.resources.limits.memory": "500M",
"trivy.timeout": "5m0s",
},
workloadSpec: &corev1.Pod{
TypeMeta: metav1.TypeMeta{
Expand Down Expand Up @@ -5504,6 +5531,18 @@ default ignore = false`,
},
},
},
{
Name: "TRIVY_TIMEOUT",
ValueFrom: &corev1.EnvVarSource{
ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "trivy-operator-trivy-config",
},
Key: "trivy.timeout",
Optional: pointer.Bool(true),
},
},
},
{
Name: "HTTPS_PROXY",
ValueFrom: &corev1.EnvVarSource{
Expand Down Expand Up @@ -5613,6 +5652,7 @@ default ignore = false`,
"trivy.resources.requests.memory": "100M",
"trivy.resources.limits.cpu": "500m",
"trivy.resources.limits.memory": "500M",
"trivy.timeout": "5m0s",
},
workloadSpec: &corev1.Pod{
TypeMeta: metav1.TypeMeta{
Expand Down Expand Up @@ -5756,6 +5796,18 @@ default ignore = false`,
},
},
},
{
Name: "TRIVY_TIMEOUT",
ValueFrom: &corev1.EnvVarSource{
ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "trivy-operator-trivy-config",
},
Key: "trivy.timeout",
Optional: pointer.Bool(true),
},
},
},
{
Name: "HTTPS_PROXY",
ValueFrom: &corev1.EnvVarSource{
Expand Down Expand Up @@ -6873,6 +6925,7 @@ default ignore = false`,
"trivy.resources.requests.memory": "100M",
"trivy.resources.limits.cpu": "500m",
"trivy.resources.limits.memory": "500M",
"trivy.timeout": "5m0s",
},
workloadSpec: &corev1.Pod{
TypeMeta: metav1.TypeMeta{
Expand Down Expand Up @@ -7115,6 +7168,18 @@ default ignore = false`,
},
},
},
{
Name: "TRIVY_TIMEOUT",
ValueFrom: &corev1.EnvVarSource{
ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "trivy-operator-trivy-config",
},
Key: "trivy.timeout",
Optional: pointer.Bool(true),
},
},
},
{
Name: "HTTPS_PROXY",
ValueFrom: &corev1.EnvVarSource{
Expand Down

0 comments on commit 477a753

Please sign in to comment.