@@ -24,7 +24,7 @@ set -o pipefail
24
24
25
25
function usage() {
26
26
echo " Usage:"
27
- echo " hack/scan-image-vuln.sh [-i imageRef] [-r registry] [-v version] [-s skip-image-generation] [-h]"
27
+ echo " hack/scan-image-vuln.sh [-i imageRef] [-r registry] [-v version] [-s skip-image-generation] [-f format][- h]"
28
28
echo " Examples:"
29
29
echo " # starts a images scanning with specific image provided"
30
30
echo " hack/scan-image-vuln.sh -i docker.io/karmada/karmada-controller-manager:v1.8.0"
@@ -40,13 +40,11 @@ function usage() {
40
40
echo " r registry: registry of images"
41
41
echo " v version: version of images"
42
42
echo " s skip-image-generation: whether to skip image generation"
43
+ echo " f format: output format(table). must be one of ['table' 'json' 'template' 'sarif' 'cyclonedx' 'spdx' 'spdx-json' 'github' 'cosign-vuln']"
43
44
echo " h: print help information"
44
45
}
45
46
46
- SKIP_IMAGE_GENERAION=" false"
47
- IMAGEREF=" "
48
-
49
- while getopts ' h:si:r:v:' OPT; do
47
+ while getopts ' h:si:r:v:f:' OPT; do
50
48
case $OPT in
51
49
h)
52
50
usage
@@ -60,13 +58,19 @@ while getopts 'h:si:r:v:' OPT; do
60
58
REGISTRY=${OPTARG} ;;
61
59
v)
62
60
VERSION=${OPTARG} ;;
61
+ f)
62
+ FORMAT=${OPTARG} ;;
63
63
? )
64
64
usage
65
65
exit 1
66
66
;;
67
67
esac
68
68
done
69
69
70
+ FORMAT=${FORMAT:- " table" }
71
+ SKIP_IMAGE_GENERAION=${SKIP_IMAGE_GENERAION:- " false" }
72
+ IMAGEREF=${IMAGEREF:- " " }
73
+
70
74
source " hack/util.sh"
71
75
72
76
echo -n " Preparing: 'trivy' existence check - "
79
83
80
84
if [ ${IMAGEREF} ]; then
81
85
echo " ---------------------------- the image scanning result of Image <<${IMAGEREF} >> ----------------------------"
82
- trivy image --format table --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q ${IMAGEREF}
86
+ trivy image --format ${FORMAT} --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q ${IMAGEREF}
83
87
exit 0
84
88
fi
85
89
@@ -110,5 +114,5 @@ for image in ${IMAGE_ARRAR[@]}
110
114
do
111
115
imageRef=" $REGISTRY /$image :$VERSION "
112
116
echo " ---------------------------- the image scanning result of Image <<$imageRef >> ----------------------------"
113
- trivy image --format table --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q $imageRef
117
+ trivy image --format ${FORMAT} --ignore-unfixed --vuln-type os,library --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL -q $imageRef
114
118
done
0 commit comments