Merge branch 'main' into patch-1

aquasecurity · Mar 31, 2023 · 2783bae · 2783bae
2 parents f0cf0b9 + 6370453
commit 2783bae
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/marketplace.md b/marketplace.md
@@ -31,6 +31,7 @@ You can supply several inputs to customise the task.
 | `exitCode`   | The exit-code to use when Trivy detects issues. Set to `0` to prevent the build failing when Trivy finds issues. Defaults to `1`.    |
 | `aquaKey`    | The Aqua API Key to use to link scan results to your Aqua Security account _(not required)_.                                         |
 | `aquaSecret` | The Aqua API Secret to use to link scan results to your Aqua Security account _(not required)_.                                      |
+| `options`    | Additional flags to pass to trivy. Example: `--timeout 10m0s` _(not required)_.                                                      |
 
 ### Example of scanning multiple targets
 

diff --git a/trivy-task/index.ts b/trivy-task/index.ts
@@ -18,6 +18,7 @@ async function run() {
     let loginDockerConfig = task.getBoolInput("loginDockerConfig", false)
     let ignoreUnfixed = task.getBoolInput("ignoreUnfixed", false)
     let severities = task.getInput("severities", false) ?? ""
+    let options = task.getInput("options", false) ?? ""
 
     if (scanPath === undefined && image === undefined) {
         throw new Error("You must specify something to scan. Use either the 'image' or 'path' option.")
@@ -47,9 +48,9 @@ async function run() {
     }
 
     if (scanPath !== undefined) {
-        configureScan(runner, "fs", scanPath, outputPath, severities, ignoreUnfixed)
+        configureScan(runner, "fs", scanPath, outputPath, severities, ignoreUnfixed, options)
     } else if (image !== undefined) {
-        configureScan(runner, "image", image, outputPath, severities, ignoreUnfixed)
+        configureScan(runner, "image", image, outputPath, severities, ignoreUnfixed, options)
     }
 
     console.log("Running Trivy...")
@@ -131,7 +132,7 @@ async function createRunner(docker: boolean, loginDockerConfig: boolean): Promis
     return runner
 }
 
-function configureScan(runner: ToolRunner, type: string, target: string, outputPath: string, severities: string, ignoreUnfixed: boolean) {
+function configureScan(runner: ToolRunner, type: string, target: string, outputPath: string, severities: string, ignoreUnfixed: boolean, options: string) {
     console.log("Configuring options for image scan...")
     let exitCode = task.getInput("exitCode", false)
     if (exitCode === undefined) {
@@ -148,6 +149,9 @@ function configureScan(runner: ToolRunner, type: string, target: string, outputP
     if (ignoreUnfixed) {
         runner.arg(["--ignore-unfixed"]);
     }
+    if (options.length) {
+        runner.line(options)
+    }
 
     runner.arg(target)
 }

diff --git a/trivy-task/task.json b/trivy-task/task.json
@@ -105,11 +105,19 @@
             "defaultValue": "false",
             "required": false,
             "helpMarkDown": "Not recommended."
+        },
+        {
+            "name": "options",
+            "type": "string",
+            "label": "Additional Options",
+            "defaultValue": "",
+            "required": false,
+            "helpMarkDown": "Additional flags to pass to Trivy command line."
         }
     ],
     "execution": {
         "Node10": {
             "target": "index.js"
         }
     }
-}
+}