From 822902af527b5a68916a3d33db2d113ec45dfa5c Mon Sep 17 00:00:00 2001 From: weaving Date: Tue, 30 May 2023 17:01:22 +0800 Subject: [PATCH 1/2] =?UTF-8?q?feat:=20=E7=BB=9F=E4=B8=80=E6=89=AB?= =?UTF-8?q?=E6=8F=8F=E5=99=A8=E7=A6=BB=E7=BA=BF=E7=9B=B8=E5=85=B3=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E5=A4=84=E7=90=86=E9=80=BB=E8=BE=91=20#39?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- trivy/pkg/constant/trivy.go | 3 +++ trivy/pkg/scan_executor.go | 21 ++++++++++++++------- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/trivy/pkg/constant/trivy.go b/trivy/pkg/constant/trivy.go index 48a0fe0..fa22073 100644 --- a/trivy/pkg/constant/trivy.go +++ b/trivy/pkg/constant/trivy.go @@ -82,3 +82,6 @@ const ArgDbDownloadUrl = "dbDownloadUrl" // ArgJavaDbDownloadUrl java漏洞库下载地址 const ArgJavaDbDownloadUrl = "javaDbDownloadUrl" + +// ConfigOffline 是否使用离线模式 +const ConfigOffline = "offline" diff --git a/trivy/pkg/scan_executor.go b/trivy/pkg/scan_executor.go index 75d41df..c5a7eff 100644 --- a/trivy/pkg/scan_executor.go +++ b/trivy/pkg/scan_executor.go @@ -17,7 +17,10 @@ type TrivyExecutor struct{} // Execute 执行分析 func (e TrivyExecutor) Execute(config *object.ToolConfig, file *os.File) (*object.ToolOutput, error) { - offline := len(config.GetStringArg(constant.ArgDbDownloadUrl)) > 0 + offline, err := config.GetBoolArg(constant.ConfigOffline) + if err != nil { + return nil, err + } if offline { if err := downloadAllDB(config); err != nil { return nil, err @@ -34,16 +37,20 @@ func downloadAllDB(config *object.ToolConfig) error { downloader := &util.DefaultDownloader{} // download db url := config.GetStringArg(constant.ArgDbDownloadUrl) - dbDir := filepath.Join(constant.DbCacheDir, constant.DbDir) - if err := util.ExtractTarUrl(url, dbDir, 0770, downloader); err != nil { - return err + if len(url) > 0 { + dbDir := filepath.Join(constant.DbCacheDir, constant.DbDir) + if err := util.ExtractTarUrl(url, dbDir, 0770, downloader); err != nil { + return err + } } // download java db javaDbUrl := config.GetStringArg(constant.ArgJavaDbDownloadUrl) - javaDbDir := filepath.Join(constant.DbCacheDir, constant.JavaDbDir) - if err := util.ExtractTarUrl(javaDbUrl, javaDbDir, 0770, downloader); err != nil { - return err + if len(javaDbUrl) == 0 { + javaDbDir := filepath.Join(constant.DbCacheDir, constant.JavaDbDir) + if err := util.ExtractTarUrl(javaDbUrl, javaDbDir, 0770, downloader); err != nil { + return err + } } return nil } From 41b2ed3fc4cc21b6a882b89b08518117e0bb92d0 Mon Sep 17 00:00:00 2001 From: "onnt1997@outlook.com" Date: Tue, 30 May 2023 22:19:19 +0800 Subject: [PATCH 2/2] =?UTF-8?q?feat:=20=E7=BB=9F=E4=B8=80=E6=89=AB?= =?UTF-8?q?=E6=8F=8F=E5=99=A8=E7=A6=BB=E7=BA=BF=E7=9B=B8=E5=85=B3=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E5=A4=84=E7=90=86=E9=80=BB=E8=BE=91=20--=20=E5=85=BC?= =?UTF-8?q?=E5=AE=B9=E5=8E=86=E5=8F=B2=E9=85=8D=E7=BD=AE=20#39?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- trivy/pkg/scan_executor.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/trivy/pkg/scan_executor.go b/trivy/pkg/scan_executor.go index c5a7eff..083c1d7 100644 --- a/trivy/pkg/scan_executor.go +++ b/trivy/pkg/scan_executor.go @@ -19,7 +19,7 @@ type TrivyExecutor struct{} func (e TrivyExecutor) Execute(config *object.ToolConfig, file *os.File) (*object.ToolOutput, error) { offline, err := config.GetBoolArg(constant.ConfigOffline) if err != nil { - return nil, err + offline = len(config.GetStringArg(constant.ArgDbDownloadUrl)) > 0 } if offline { if err := downloadAllDB(config); err != nil { @@ -46,7 +46,7 @@ func downloadAllDB(config *object.ToolConfig) error { // download java db javaDbUrl := config.GetStringArg(constant.ArgJavaDbDownloadUrl) - if len(javaDbUrl) == 0 { + if len(javaDbUrl) > 0 { javaDbDir := filepath.Join(constant.DbCacheDir, constant.JavaDbDir) if err := util.ExtractTarUrl(javaDbUrl, javaDbDir, 0770, downloader); err != nil { return err