renuka-fernando · March 25, 2022 05:48
diff --git a/trivy-scan.sh b/trivy-scan.sh
 trivyVersion="latest"
 trivyExitCode=1
 buildFail=0
 
 trivy() {
   docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
   -v "$PWD/.trivyignore":/.trivyignore:ro aquasec/trivy:${trivyVersion} image --exit-code "${trivyExitCode}" $4 \
   --severity MEDIUM,HIGH,CRITICAL --ignorefile /.trivyignore --timeout 10m $1/$2:$3
   if [ ${trivyExitCode} -eq 1 -a $? -eq 1 ]
   then
       echo "Vulnerabilities found." 1>&2
       buildFail=1
   fi
   if [ ${trivyExitCode} -eq 1 -a $? -eq 0 ]
   then
       echo "No critical, high or Medium level vulnerabilities found."
      
   fi
   if [ ${trivyExitCode} -eq 0 ]
   then
       echo "Vulnerabilities if exist, are ignored in this step as exit code is set to '0'."
   fi
 
 }

 trivy wso2 choreo-connect-enforcer 1.0.0
	trivyVersion="latest"
	trivyExitCode=1
	buildFail=0

	trivy() {
	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
	-v "$PWD/.trivyignore":/.trivyignore:ro aquasec/trivy:${trivyVersion} image --exit-code "${trivyExitCode}" $4 \
	--severity MEDIUM,HIGH,CRITICAL --ignorefile /.trivyignore --timeout 10m $1/$2:$3
	if [ ${trivyExitCode} -eq 1 -a $? -eq 1 ]
	then
	echo "Vulnerabilities found." 1>&2
	buildFail=1
	fi
	if [ ${trivyExitCode} -eq 1 -a $? -eq 0 ]
	then
	echo "No critical, high or Medium level vulnerabilities found."

	fi
	if [ ${trivyExitCode} -eq 0 ]
	then
	echo "Vulnerabilities if exist, are ignored in this step as exit code is set to '0'."
	fi

	}

	trivy wso2 choreo-connect-enforcer 1.0.0