Updates trivy endpoint details

Makefile

@@ -3,3 +3,8 @@ gettrivy:
 	mkdir -p internal/handler/testassets/bin/trivy/ && wget -O - https://github.com/aquasecurity/trivy/releases/download/v0.45.0/trivy_0.45.0_Linux-64bit.tar.gz | tar -zxvf - -C internal/handler/testassets/bin/trivy/
 
 
+.PHONY: runlocal
+runlocal:
+	go run main.go --problems-from-sbom=true --rabbitmq-username=guest  --rabbitmq-password=guest --lagoon-api-host=http://localhost:8888/graphql   --jwt-token-signing-key=secret   --access-key-id=minio     --secret-access-key=minio123 --disable-s3-upload=true
+
+

internal/handler/insightsParserFilter.go

@@ -61,15 +61,13 @@ func processSbomInsightsData(h *Messaging, insights InsightsData, v string, apiC
 	}
 	source := fmt.Sprintf("insights:sbom:%s", resource.Service)
 
-	//// Add sbom onto processing queue
-	//
-	//SbomQueuePush(sbomQueueItem{
-	//	EnvironmentId: environment.Id,
-	//	Service:       "test",
-	//	SBOM:          *bom,
-	//})
-
-	//err :=  SbomToProblems()
+	// we process the SBOM here
+	if h.ProblemsFromSBOM == true {
+		err = SbomToProblems(h.TrivyServerEndpoint, "/tmp/", environment.Id, "insights-handler", *bom)
+		if err != nil {
+			return nil, "", err
+		}
+	}
 
 	// Process SBOM into facts
 	facts := processFactsFromSBOM(bom.Components, environment.Id, source)

internal/handler/messaging.go

@@ -18,11 +18,11 @@ type Messaging struct {
 	ConnectionRetryInterval int
 	EnableDebug             bool
 	ProblemsFromSBOM        bool
-	GrypeBinaryLocation     string
+	TrivyServerEndpoint     string
 }
 
 // NewMessaging returns a messaging with config
-func NewMessaging(config mq.Config, lagoonAPI LagoonAPI, s3 S3, startupAttempts int, startupInterval int, enableDebug bool, problemsFromSBOM bool, grypeBinaryLocation string) *Messaging {
+func NewMessaging(config mq.Config, lagoonAPI LagoonAPI, s3 S3, startupAttempts int, startupInterval int, enableDebug bool, problemsFromSBOM bool, trivyServerEndpoint string) *Messaging {
 	return &Messaging{
 		Config:                  config,
 		LagoonAPI:               lagoonAPI,
@@ -31,15 +31,14 @@ func NewMessaging(config mq.Config, lagoonAPI LagoonAPI, s3 S3, startupAttempts
 		ConnectionRetryInterval: startupInterval,
 		EnableDebug:             enableDebug,
 		ProblemsFromSBOM:        problemsFromSBOM,
-		GrypeBinaryLocation:     grypeBinaryLocation,
+		TrivyServerEndpoint:     trivyServerEndpoint,
 	}
 }
 
 // processMessageQueue reads in a rabbitMQ item and dispatches it to the appropriate function to process
 func (h *Messaging) processMessageQueue(message mq.Message) {
 	var insights InsightsData
 	var resource ResourceDestination
-
 	// set up defer to ack the message after we're done processing
 	defer func(message mq.Message) {
 		// Ack to remove from queue
@@ -109,7 +108,19 @@ func (h *Messaging) processMessageQueue(message mq.Message) {
 	if insights.InputType != "" {
 		switch insights.InputType {
 		case "sbom", "sbom-gz":
+
 			insights.InsightsType = Sbom
+			// We actually want to decompress the payload here so that they're all processed the same way
+			//decodeGzipString(incoming.BinaryPayload[0])
+			//for n, d := range incoming.BinaryPayload {
+			//	// let's try and decompress the binary payload here
+			//	data, err := decodeGzipString(d)
+			//	// TODO: I think there may be a potential issue here if the type isn't gzip, so should probably test
+			//	if err != nil {
+			//
+			//	}
+			//}
+
 		case "image", "image-gz":
 			insights.InsightsType = Image
 		case "direct":

internal/handler/trivyProcessing.go

@@ -4,9 +4,10 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/CycloneDX/cyclonedx-go"
+	cdx "github.com/CycloneDX/cyclonedx-go"
 	"github.com/aquasecurity/trivy/pkg/commands/artifact"
 	"github.com/aquasecurity/trivy/pkg/flag"
+	"github.com/aquasecurity/trivy/pkg/sbom/cyclonedx"
 	"github.com/aquasecurity/trivy/pkg/types"
 	"github.com/uselagoon/lagoon/services/insights-handler/internal/lagoonclient"
 	"io"
@@ -38,28 +39,29 @@ var queue = sbomQueue{
 	Lock:  sync.Mutex{},
 }
 
-func SbomToProblems(trivyRemoteAddress string, bomWriteDirectory string, environmentId int, service string, sbom cyclonedx.BOM) error {
+func SbomToProblems(trivyRemoteAddress string, bomWriteDirectory string, environmentId int, service string, sbom cdx.BOM) error {
 	rep, err := executeProcessingTrivy(trivyRemoteAddress, bomWriteDirectory, sbom)
+	fmt.Println("AAA")
 	if err != nil {
 		return err
 	}
 
 	problems, err := trivyReportToProblems(environmentId, problemSource, service, rep)
-
+	fmt.Println("BBB")
 	if err != nil {
 		return err
 	}
 
 	err = writeProblemsArrayToApi(environmentId, problemSource, service, problems)
-
+	fmt.Println("CCC")
 	if err != nil {
 		return err
 	}
 
 	return nil
 }
 
-func convertBOMToProblemsArray(environment int, source string, service string, bom cyclonedx.BOM) ([]lagoonclient.LagoonProblem, error) {
+func convertBOMToProblemsArray(environment int, source string, service string, bom cdx.BOM) ([]lagoonclient.LagoonProblem, error) {
 	var ret []lagoonclient.LagoonProblem
 	if bom.Vulnerabilities == nil {
 		return ret, fmt.Errorf("No Vulnerabilities")
@@ -140,7 +142,7 @@ func testTrivyServerIsAlive(trivyRemoteAddress string) (bool, error) {
 	return body == "ok", nil
 }
 
-func executeProcessingTrivy(trivyRemoteAddress string, bomWriteDir string, bom cyclonedx.BOM) (types.Report, error) {
+func executeProcessingTrivy(trivyRemoteAddress string, bomWriteDir string, bom cdx.BOM) (types.Report, error) {
 	//first, we write this thing to disk
 	file, err := os.CreateTemp(bomWriteDir, "cycloneDX-*.json")
 	if err != nil {

main.go

@@ -41,7 +41,7 @@ var (
 	disableAPIIntegration        bool
 	enableDebug                  bool
 	problemsFromSBOM             bool
-	grypeBinaryLocation          string
+	trivyServerEndpoint          string
 )
 
 func main() {
@@ -72,7 +72,9 @@ func main() {
 	flag.BoolVar(&disableAPIIntegration, "disable-api-integration", false, "Disable insights data integration for the Lagoon API")
 	flag.BoolVar(&enableDebug, "debug", false, "Enable debugging output")
 	flag.BoolVar(&problemsFromSBOM, "problems-from-sbom", false, "Pass any SBOM through Grype")
-	flag.StringVar(&grypeBinaryLocation, "grype-binary-location", "/usr/local/bin/grype", "Location of the Grype binary on disk")
+	flag.StringVar(&trivyServerEndpoint, "trivy-server-location", "http://localhost:4954", "Trivy server endpoint")
+
+	flag.Parse()
 
 	handler.EnableDebug = enableDebug
 
@@ -98,7 +100,7 @@ func main() {
 	disableAPIIntegration = getEnvBool("INSIGHTS_DISABLE_API_INTEGRATION", disableAPIIntegration)
 	disableS3Upload = getEnvBool("INSIGHTS_DISABLE_S3_UPLOAD", disableS3Upload)
 	problemsFromSBOM = getEnvBool("PROBLEMS_FROM_SBOM", problemsFromSBOM)
-	grypeBinaryLocation = getEnv("GRYPE_BINARY_LOCATION", grypeBinaryLocation)
+	trivyServerEndpoint = getEnv("TRIVY_SERVER_ENDPOINT", trivyServerEndpoint)
 
 	// configure the backup handler settings
 	broker := handler.RabbitBroker{
@@ -126,6 +128,12 @@ func main() {
 		Disabled:        disableS3Upload,
 	}
 
+	if disableS3Upload == true {
+		fmt.Println("Disabled S3 upload is true")
+	} else {
+		fmt.Println("Disabled S3 upload is false")
+	}
+
 	log.Println("Registering Fact Filters/Transformer")
 	err := handler.RegisterFiltersFromDisk(filterTransformerFile)
 	if err != nil {
@@ -183,7 +191,7 @@ func main() {
 		startupConnectionInterval,
 		enableDebug,
 		problemsFromSBOM,
-		grypeBinaryLocation,
+		trivyServerEndpoint,
 	)
 
 	// start the consumer