feat: bump up trivy adater to v0.23.0

Closes #14983

Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
He Weiwei 2021-10-22 07:39:19 +00:00
parent 5f3972f86d
commit 619d3e818c
2 changed files with 15 additions and 3 deletions

View File

@ -110,8 +110,8 @@ PREPARE_VERSION_NAME=versions
REGISTRYVERSION=v2.7.1-patch-2819-2553-redis
NOTARYVERSION=v0.6.1
NOTARYMIGRATEVERSION=v4.11.0
TRIVYVERSION=v0.18.3
TRIVYADAPTERVERSION=v0.20.0
TRIVYVERSION=v0.20.0
TRIVYADAPTERVERSION=v0.23.0
# version of chartmuseum for pulling the source code
CHARTMUSEUM_SRC_TAG=v0.13.1

View File

@ -5,6 +5,12 @@ import base
import v2_swagger_client
from v2_swagger_client.rest import ApiException
report_mime_types = [
'application/vnd.security.vulnerability.report; version=1.1',
'application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0',
]
class Artifact(base.Base, object):
def __init__(self):
super(Artifact,self).__init__(api_type = "artifact")
@ -20,6 +26,7 @@ class Artifact(base.Base, object):
params["with_tag"] = kwargs["with_tag"]
if "with_scan_overview" in kwargs:
params["with_scan_overview"] = kwargs["with_scan_overview"]
params["x_accept_vulnerabilities"] = ",".join(report_mime_types)
if "with_immutable_status" in kwargs:
params["with_immutable_status"] = kwargs["with_immutable_status"]
@ -115,7 +122,12 @@ class Artifact(base.Base, object):
else:
raise Exception("Artifact should not be scanned {}.".format(artifact.scan_overview))
scan_status = artifact.scan_overview['application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0'].scan_status
scan_status = ''
for mime_type in report_mime_types:
overview = artifact.scan_overview.get(mime_type)
if overview:
scan_status = overview.scan_status
if scan_status == expected_scan_status:
return
raise Exception("Scan image result is {}, not as expected {}.".format(scan_status, expected_scan_status))