resolved: SAAS-4861 add triggered by flag, and to each created scan (#74

) * resolved: SAAS-4861 add triggered by flag, and to each created scan * resolved: SAAS-4861 to upper in main one time * resolved: SAAS-4861 add err check
aquasecurity · Apr 18, 2022 · e849065 · e849065
1 parent 3781259
commit e849065
Show file tree

Hide file tree

Showing 6 changed files with 372 additions and 272 deletions.
diff --git a/cmd/aqua/main.go b/cmd/aqua/main.go
@@ -41,11 +41,6 @@ func main() {
 			Usage:   "Add this flag if you want test failed policy locally before sending PR",
 			EnvVars: []string{"TRIVY_SKIP_RESULT_UPLOAD"},
 		},
-		&cli.BoolFlag{
-			Name:    "pr-scan",
-			Usage:   "Add this flag if you want scan only PR diff",
-			EnvVars: []string{"TRIVY_PR_SCAN"},
-		},
 		&cli.BoolFlag{
 			Name:    "skip-policy-exit-code",
 			Usage:   "Add this flag if you want skip policies exit code",
@@ -65,6 +60,11 @@ func main() {
 			EnvVars: []string{"TRIVY_SECURITY_CHECKS"},
 			Hidden:  true,
 		},
+		&cli.StringFlag{
+			Name:    "triggered-by",
+			Usage:   "Add this flag to determine where the scan is coming from (push, pr, offline)",
+			EnvVars: []string{"TRIGGERED_BY"},
+		},
 	)
 
 	fsCmd := commands.NewFilesystemCommand()
@@ -75,11 +75,6 @@ func main() {
 			Usage:   "Add this flag if you want test failed policy locally before sending PR",
 			EnvVars: []string{"TRIVY_SKIP_RESULT_UPLOAD"},
 		},
-		&cli.BoolFlag{
-			Name:    "pr-scan",
-			Usage:   "Add this flag if you want scan only PR diff",
-			EnvVars: []string{"TRIVY_PR_SCAN"},
-		},
 		&cli.BoolFlag{
 			Name:    "skip-policy-exit-code",
 			Usage:   "Add this flag if you want skip policies exit code",
@@ -90,6 +85,11 @@ func main() {
 			Usage:   "Add this flag if you want run in debug mode",
 			EnvVars: []string{"DEBUG"},
 		},
+		&cli.StringFlag{
+			Name:    "triggered-by",
+			Usage:   "Add this flag to determine where the scan is coming from (push, pr, offline)",
+			EnvVars: []string{"TRIGGERED_BY"},
+		},
 	)
 
 	imageCmd := commands.NewImageCommand()
@@ -131,6 +131,11 @@ func runScan(c *cli.Context) error {
 			return err
 		}
 	}
+	if c.String("triggered-by") != "" {
+		if err := c.Set("triggered-by", strings.ToUpper(c.String("triggered-by"))); err != nil {
+			return err
+		}
+	}
 
 	debug := c.Bool("debug")
 
@@ -169,7 +174,7 @@ func runScan(c *cli.Context) error {
 		return err
 	}
 
-	if c.Bool("pr-scan") {
+	if c.String("triggered-by") == "PR" {
 		results, err = processor.PrDiffResults(results)
 		if err != nil {
 			return err

diff --git a/pkg/buildClient/upload.go b/pkg/buildClient/upload.go
@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/aquasecurity/trivy-plugin-aqua/pkg/scanner"
+
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/metadata"
 	"github.com/aquasecurity/trivy-plugin-aqua/pkg/proto/buildsecurity"
 )
@@ -33,6 +35,7 @@ func (bc *TwirpClient) Upload(results []*buildsecurity.Result, tags map[string]s
 		Commit:       commitId,
 		System:       buildSystem,
 		Tags:         tags,
+		TriggeredBy:  scanner.MatchTriggeredBy(bc.c.String("triggered-by")),
 	}
 
 	_, err = client.CreateScan(ctx, createScanReq)

diff --git a/pkg/proto/buildsecurity.proto b/pkg/proto/buildsecurity.proto
@@ -43,6 +43,14 @@ message CreateScanReq {
   string Commit = 5;
   repeated Result Results = 7;
   map<string, string> Tags = 8;
+  TriggeredByEnum TriggeredBy = 9;
+}
+
+enum TriggeredByEnum {
+  TRIGGERED_BY_UNKNOWN = 0;
+  TRIGGERED_BY_PUSH = 1;
+  TRIGGERED_BY_PR = 2;
+  TRIGGERED_BY_OFFLINE = 3;
 }
 
 message CreateScanResp {