From 92bec0f127dce702e2b4ec9962d1400388728ea2 Mon Sep 17 00:00:00 2001
From: Philippe Caseiro
Date: Mon, 19 Jun 2023 16:59:05 +0200
Subject: [PATCH] fix(kube): use make scan for trivy scan
---
 vars/kubecontainer.groovy | 41 ++++++++++-------------------------------
 1 file changed, 10 insertions(+), 31 deletions(-)
diff --git a/vars/kubecontainer.groovy b/vars/kubecontainer.groovy
index ce2ae97..672af69 100644
--- a/vars/kubecontainer.groovy
+++ b/vars/kubecontainer.groovy
@@ -121,37 +121,14 @@ String validateDockerfileWithHadolint(String dockerfile, Map options = [:]) {
 }

 void runTrivyCheck(String imageName, String projectRepository, Map options = [:]) {
- String reportFile = ".trivy-report-${currentBuild.startTimeInMillis}.txt"
-
- try {
- validateImageWithTrivy(imageName, ['reportFile': reportFile])
- } catch (err) {
- unstable("Image '${imageName}' failed validation !")
- } finally {
- String lintReport = ''
-
- if (fileExists(reportFile)) {
- lintReport = """${lintReport}
- |
- |```
- |${readFile(reportFile)}
- |```"""
- } else {
- lintReport = """${lintReport}
- |
- |_Vérification échouée mais aucun rapport trouvé !?_ :thinking:"""
- }
-
- String defaultReport = '_Rien à signaler !_ :thumbsup:'
- String report = """## Validation de l'image `${imageName}`
- |
- |${lintReport ?: defaultReport}
- """.stripMargin()
-
- print report
-
- if (env.CHANGE_ID) {
- gitea.commentPullRequest(projectRepository, env.CHANGE_ID, report)
+ String currentBranch = env.BRANCH_NAME.replaceAll("[^a-zA-Z]+","_")
+ stage("Scan with trivy '${imageName}:${imageTag}'") {
+ utils.when(!dryRun) {
+ retry(2) {
+ sh """
+ CURRENT_BRANCH=${currentBranch} make scan
+ """
+ }
 }
 }
 }
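Review bot: `imageTag` and `dryRun` are used in the new `stage(...)` and `utils.when(...)` lines of `runTrivyCheck`, but neither is a parameter or a local in this hunk, so unless they come from the script binding the step throws before the scan runs; reading them from `options` (for example `options.get('dryRun', false)`) would match how `validateImageWithTrivy` takes its settings. `env.BRANCH_NAME` can be null outside a multibranch job, which makes `replaceAll` fail, and the `[^a-zA-Z]+` pattern also drops digits, so `release-1` and `release-2` both become `release_`; `(env.BRANCH_NAME ?: 'unknown').replaceAll('[^a-zA-Z0-9]+', '_')` keeps the value safe to interpolate into `sh` without the collision. The report that used to be posted to the pull request is gone, and whether findings fail the build now depends on the exit status of `make scan`, which this patch does not show, so it is worth confirming in the Makefile that the scan target returns non-zero on findings. `projectRepository` and `options` are now unused in the new body.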
@@ -164,6 +141,8 @@ String validateImageWithTrivy(String imageName, Map options = [:]) { Integer cacheMaxSize = options.get('cacheMaxSize', 250) String reportFile = options.get('reportFile', ".trivy-report-${currentBuild.startTimeInMillis}.txt") + + cache(maxCacheSize: cacheMaxSize, defaultBranch: cacheDefaultBranch, caches: [ [$class: 'ArbitraryFileCache', path: cacheDirectory, compressionMethod: 'TARGZ'] ]) {