From 1f563e703e5d149ad879358d9ca508db56346c42 Mon Sep 17 00:00:00 2001
From: hpal
Date: Fri, 31 May 2024 17:13:07 +0100
Subject: [PATCH] PORT-8430 Update the trivy bp and mapping
---
 kubernetes/blueprints/trivy-blueprints.json | 24 +++++++++----------
 .../templates/trivy-kubernetes_v1_config.yaml | 20 ++++++++++++++--
 2 files changed, 30 insertions(+), 14 deletions(-)
diff --git a/kubernetes/blueprints/trivy-blueprints.json b/kubernetes/blueprints/trivy-blueprints.json
index 0065c36..cafcce0 100644
--- a/kubernetes/blueprints/trivy-blueprints.json
+++ b/kubernetes/blueprints/trivy-blueprints.json
@@ -441,12 +441,12 @@
 "calculationProperties": {},
 "aggregationProperties": {},
 "relations": {
- "namespace": {
- "title": "Namespace",
- "target": "namespace",
- "required": false,
- "many": false
- }
+ "kubernetes_resource": {
+ "title": "Kubernetes Resource",
+ "target": "workload",
+ "required": false,
+ "many": false
+ }
 }
 },
 {
@@ -537,12 +537,12 @@
 "calculationProperties": {},
 "aggregationProperties": {},
 "relations": {
- "namespace": {
- "title": "Namespace",
- "target": "namespace",
- "required": false,
- "many": false
- }
+ "kubernetes_resource": {
+ "title": "Kubernetes Resource",
+ "target": "workload",
+ "required": false,
+ "many": false
+ }
 }
 }
 ]
\ No newline at end of file
diff --git a/kubernetes/templates/trivy-kubernetes_v1_config.yaml b/kubernetes/templates/trivy-kubernetes_v1_config.yaml
index 62091ba..d475ced 100644
--- a/kubernetes/templates/trivy-kubernetes_v1_config.yaml
+++ b/kubernetes/templates/trivy-kubernetes_v1_config.yaml
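Review bot: Replacing the `"namespace"` relation with `"kubernetes_resource"` in both blueprints (the hunk at -441 and the one at -537) leaves a report with no relation at all whenever the new mapping in trivy-kubernetes_v1_config.yaml yields `empty`. That happens when a report has no owner reference, or none marked as controller. Those findings would then not be reachable from any namespace or workload entity. Consider keeping the existing `"namespace"` relation next to the new `"kubernetes_resource"` one so every report stays attributable. How existing entities' `namespace` relation values are handled when the key disappears is not visible in this patch.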
@@ -206,7 +206,15 @@ resources: # List of K8s resources to list, watch, and export to Port. createdAt: .metadata.creationTimestamp updatedAt: .report.updateTimestamp relations: - namespace: .metadata.namespace + "-" + env.CLUSTER_NAME + kubernetes_resource: ( + if (.metadata.ownerReferences | length > 0) then + (.metadata.ownerReferences[] | select(.controller == true) | + .name + "-" + .kind + "-" + .metadata.namespace + "-" + env.CLUSTER_NAME + ) + else + empty + end + ) - kind: aquasecurity.github.io/v1alpha1/vulnerabilityreports selector: @@ -234,4 +242,12 @@ resources: # List of K8s resources to list, watch, and export to Port. scannerVersion: .report.scanner.version createdAt: .metadata.creationTimestamp relations: - namespace: .metadata.namespace + "-" + env.CLUSTER_NAME \ No newline at end of file + kubernetes_resource: ( + if (.metadata.ownerReferences | length > 0) then + (.metadata.ownerReferences[] | select(.controller == true) | + .name + "-" + .kind + "-" + .metadata.namespace + "-" + env.CLUSTER_NAME + ) + else + empty + end + ) \ No newline at end of file
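Review bot: In the added `kubernetes_resource` expression, `.metadata.namespace` sits after the pipe from `.metadata.ownerReferences[] | select(.controller == true)`, so `.` there is the owner reference, which has no `.metadata` field. Under standard jq semantics the lookup yields `null`, and adding `null` to a string is a no-op, so the identifier comes out as `name-kind--cluster` with the namespace missing. The relation would then fail to resolve, or it could point at a same-named workload in another namespace if identifiers happen to line up, which misattributes Trivy findings. Bind the namespace before iterating: `.metadata.namespace as $ns | .metadata.ownerReferences[] | select(.controller == true) | .name + "-" + .kind + "-" + $ns + "-" + env.CLUSTER_NAME`. The same expression is repeated in the hunk at -234 for vulnerabilityreports and needs the same change.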