From e53efab1b62cea7e3c18cbf4f96f7496af49cdd5 Mon Sep 17 00:00:00 2001
From: Sylvain Gilgen
Date: Tue, 12 Nov 2024 10:58:08 +0100
Subject: [PATCH] add comments, sdd SbomBuild method
---
 ci/main.go | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/ci/main.go b/ci/main.go
index d4dca238..621109f1 100644
--- a/ci/main.go
+++ b/ci/main.go
@@ -102,18 +102,25 @@ func (m *Ci) Test(ctx context.Context, dir *dagger.Directory) *dagger.Container
 WithExec([]string{"bundle", "exec", "rails", "test"})
 }

+// Creates an SBOM for the container
 func (m *Ci) Sbom(ctx context.Context, container *dagger.Container) *dagger.File {
- trivy := dag.Trivy(dagger.TrivyOpts{
- DatabaseRepository: "public.ecr.aws/aquasecurity/trivy-db",
- })
+ trivy := dag.Trivy()

 sbom := trivy.Container(container).
- Report("spdx-json").
- WithName("spdx.json")
+ Report("cyclonedx").
+ WithName("cyclonedx.json")

 return sbom
 }

+// Builds the container and creates an SBOM for it
+func (m *Ci) SbomBuild(ctx context.Context, dir *dagger.Directory) *dagger.File {
+ container := m.Build(ctx, dir)
+
+ return m.Sbom(ctx, container)
+}
+
+// Scans the SBOM for vulnerabilities
 func (m *Ci) Vulnscan(ctx context.Context, sbom *dagger.File) *dagger.File {
 trivy := dag.Trivy(dagger.TrivyOpts{
 DatabaseRepository: "public.ecr.aws/aquasecurity/trivy-db",
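Review bot: The new doc comments on Sbom, SbomBuild and Vulnscan do not state the report format, although this hunk switches Sbom from `spdx-json`/`spdx.json` to `cyclonedx`/`cyclonedx.json`; anything that consumed the old SPDX file (not visible here) would now receive a different document. I would put that contract into the comments and start each with the function name as Go doc comments conventionally do, e.g. `// Sbom generates a CycloneDX SBOM (cyclonedx.json) for the given container with Trivy.` and `// SbomBuild builds the container from dir and returns its CycloneDX SBOM.` Sbom also now calls `dag.Trivy()` without the `DatabaseRepository` option that Vulnscan keeps. Presumably that is because generating an SBOM does not need the vulnerability database, and a short why-comment on that line would stop the two calls from being re-aligned by mistake later. Vulnscan's body continues past the end of the hunk.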