From e17653853eff4ba30e4a8168c66c0325083b0936 Mon Sep 17 00:00:00 2001 From: Fabrizio Sestito Date: Tue, 3 Dec 2024 16:47:32 +0100 Subject: [PATCH] fix(worker): use ecr repositories; add sql driver Signed-off-by: Fabrizio Sestito --- internal/handlers/generate_sbom.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/handlers/generate_sbom.go b/internal/handlers/generate_sbom.go index 382a2bf..109b376 100644 --- a/internal/handlers/generate_sbom.go +++ b/internal/handlers/generate_sbom.go @@ -7,6 +7,8 @@ import ( "log/slog" "os" + _ "modernc.org/sqlite" // sqlite driver for RPM DB and Java DB + trivyCommands "github.com/aquasecurity/trivy/pkg/commands" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -79,6 +81,8 @@ func (h *GenerateSBOMHandler) Handle(message messaging.Message) error { "image", "--cache-dir", h.workDir, "--format", "spdx-json", + "--db-repository", "public.ecr.aws/aquasecurity/trivy-db", + "--java-db-repository", "public.ecr.aws/aquasecurity/trivy-java-db", "--output", sbomFile.Name(), fmt.Sprintf("%s/%s:%s", image.GetImageMetadata().RegistryURI, image.GetImageMetadata().Repository, image.GetImageMetadata().Tag), })