// Source: github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/k8s/commands/cluster.go

package commands

import (
	"context"

	"golang.org/x/exp/slices"
	"golang.org/x/xerrors"

	k8sArtifacts "github.com/aquasecurity/trivy-kubernetes/pkg/artifacts"
	"github.com/aquasecurity/trivy-kubernetes/pkg/k8s"
	"github.com/aquasecurity/trivy-kubernetes/pkg/trivyk8s"
	"github.com/devseccon/trivy/pkg/flag"
	"github.com/devseccon/trivy/pkg/log"
	"github.com/devseccon/trivy/pkg/types"
)

// clusterRun scans a whole Kubernetes cluster.
//
// It first checks the report-related options with validateReportArguments,
// then collects the artifacts to scan. Which trivy-kubernetes lister is used
// depends on opts.Format (and, for JSON/table output, on whether the
// misconfiguration scanner is enabled together with the "infra" component).
// The collected artifacts are handed to a runner created for the cluster's
// current context. Any validation, listing or runner error is returned; an
// unrecognised format is rejected before the cluster is queried.
func clusterRun(ctx context.Context, opts flag.Options, cluster k8s.Cluster) error {
	if argErr := validateReportArguments(opts); argErr != nil {
		return argErr
	}

	var (
		found   []*k8sArtifacts.Artifact
		listErr error
	)

	switch opts.Format {
	case types.FormatCycloneDX:
		// The BOM listing takes no namespace, node exclusions or tolerations
		// from opts; only ctx is passed.
		// NOTE(review): the message text below is the same as in the node-info
		// branch, so the two failures cannot be told apart from the log alone.
		found, listErr = trivyk8s.New(cluster, log.Logger).ListBomInfo(ctx)
		if listErr != nil {
			return xerrors.Errorf("get k8s artifacts with node info error: %w", listErr)
		}

	case types.FormatJSON, types.FormatTable:
		// Node information is requested only when misconfiguration scanning is
		// on AND the "infra" component was selected.
		withNodeInfo := opts.Scanners.AnyEnabled(types.MisconfigScanner) && slices.Contains(opts.Components, "infra")

		switch {
		case withNodeInfo:
			// NOTE(review): this is the only call that receives a namespace,
			// a node exclusion set and tolerations. Presumably node data is
			// gathered by workloads scheduled inside the cluster — confirm,
			// and check which RBAC permissions the scanning identity needs in
			// opts.NodeCollectorNamespace before enabling this path.
			found, listErr = trivyk8s.New(cluster, log.Logger).ListArtifactAndNodeInfo(ctx, opts.NodeCollectorNamespace, opts.ExcludeNodes, opts.Tolerations...)
			if listErr != nil {
				return xerrors.Errorf("get k8s artifacts with node info error: %w", listErr)
			}
		default:
			found, listErr = trivyk8s.New(cluster, log.Logger).ListArtifacts(ctx)
			if listErr != nil {
				return xerrors.Errorf("get k8s artifacts error: %w", listErr)
			}
		}

	default:
		return xerrors.Errorf(`unknown format %q. Use "json" or "table" or "cyclonedx"`, opts.Format)
	}

	return newRunner(opts, cluster.GetCurrentContext()).run(ctx, found)
}