feat(trivy): add trivy to dagger and cause issues

2024-10-14 18:23:55 +02:00 · 2024-10-14 18:23:55 +02:00 · 3c8e872e6e
commit 3c8e872e6e
parent 7746219c43
7 changed files with 67 additions and 7 deletions
--- a/.tool-versions
+++ b/.tool-versions
@ -1,3 +1,4 @@
 go 1.23.2
 golangci-lint 1.61.0
 dagger 0.13.5
+trivy 0.56.2
--- a/dagger.json
+++ b/dagger.json
@ -1,6 +1,12 @@
 {
  "name": "hello-dagger",
  "sdk": "typescript",
+  "dependencies": [
+    {
+      "name": "trivy",
+      "source": "github.com/fluent-ci-templates/trivy-pipeline@c6db35427568ed2a12fa5e64e59390f7d01c18cb"
+    }
+  ],
  "source": "dagger",
  "engineVersion": "v0.13.5"
 }
--- a/dagger/package.json
+++ b/dagger/package.json
@ -1,8 +1,8 @@
 {
  "type": "module",
  "dependencies": {
-    "typescript": "^5.5.4",
-    "@dagger.io/dagger": "./sdk"
+    "@dagger.io/dagger": "./sdk",
+    "typescript": "^5.5.4"
  },
  "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
 }
--- a/dagger/src/index.ts
+++ b/dagger/src/index.ts
@ -1,7 +1,14 @@
 /**
 * Dagger build and deploy functions
 */
-import { dag, Container, Directory, object, func } from "@dagger.io/dagger";
+import {
+  dag,
+  Container,
+  Directory,
+  File,
+  object,
+  func,
+} from "@dagger.io/dagger";

@object()
 class HelloDagger {
@ -27,11 +34,20 @@ class HelloDagger {
   */
  @func()
  async test(source: Directory): Promise<string> {
+    // TODO return error code?
    return this.buildEnv(source).withExec(["go", "test"]).stdout();
  }

  /**
-   * Build a ready-to-use development environment
+   * Run trivy on the source code
+   */
+  @func()
+  async securityScan(source: Directory): Promise<string> {
+    return dag.trivy().fs(source).contents();
+  }
+
+  /**
+   * Run golandci-lint on the project
   */
  @func()
  lint(source: Directory): Container {
@ -40,8 +56,7 @@ class HelloDagger {
      .from("golangci/golangci-lint:v1.61.0")
      .withDirectory("/src", source)
      .withWorkdir("/src")
-      .withExec(["golangci-lint", "run", "-v"])
-      ;
+      .withExec(["golangci-lint", "run", "-v"]);
  }

  /**
--- a/go.mod
+++ b/go.mod
@ -3,6 +3,15 @@ module helloworld
 go 1.23.2

 require (
+	github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/drone/envsubst v1.0.3 // indirect
+	github.com/ghodss/yaml v1.0.0 // indirect
+	github.com/go-vela/sdk-go v0.23.0 // indirect
+	github.com/go-vela/types v0.23.0 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+	golang.org/x/sys v0.17.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,5 +1,23 @@
+github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835 h1:Zfkih+Opdv9y5AOob+8iMsaMYnans+Ozrkb8wiPHbj0=
+github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835/go.mod h1:AV5wtJnn1/CRaRGlJ8xspkMWfKXV0/pkJVgGleTIrfk=
+github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
+github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/drone/envsubst v1.0.3 h1:PCIBwNDYjs50AsLZPYdfhSATKaRg/FJmDc2D6+C2x8g=
+github.com/drone/envsubst v1.0.3/go.mod h1:N2jZmlMufstn1KEqvbHjw40h1KyTmnVzHcSc9bFiJ2g=
+github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
+github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/go-vela/sdk-go v0.23.0 h1:UDj5XPgLA9N/I2aUXEuSdkQSWLqaEZNHss2nAPn3+To=
+github.com/go-vela/sdk-go v0.23.0/go.mod h1:IYxFczlomc/qj9OVdryOLZpujFxDvu0IP/Ynl8q4ENE=
+github.com/go-vela/types v0.23.0 h1:CWICreHO4V9KqbE+AINkRJVwCZmggxOLIZh+e1n/XXA=
+github.com/go-vela/types v0.23.0/go.mod h1:AAqgxIw1aRBgPkE/5juGuiwh/JZuOtL8fcPaEkjFWwQ=
+github.com/golang-jwt/jwt/v5 v5.2.0 h1:d/ix8ftRUorsN+5eMIlF4T6J8CAt9rch3My2winC1Jw=
+github.com/golang-jwt/jwt/v5 v5.2.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
+github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
@ -7,5 +25,11 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/main.go
+++ b/main.go
@ -4,14 +4,19 @@ import (
 	"fmt"
 	"net/http"

+	"github.com/go-vela/sdk-go/vela" // import to get a trivy error
 	log "github.com/sirupsen/logrus"
 )

 func main() {
 	http.HandleFunc("/", helloWorldHandler)
 	port := 9000
+	xx := vela.Client{}
+
+	password := "1247fsfd98jdgfklsj"

 	log.Info("Starting on port ", port)
+	log.Debug("password", password, xx)

 	err := http.ListenAndServe(fmt.Sprint(":", port), nil)
 	if err != nil {