@@ -6,7 +6,6 @@ class Trivy implements Serializable {
66 private Docker docker
77 private String trivyVersion
88 private String trivyDirectory = " trivy"
9- private String trivyReportFilenameWithoutExtension = trivyDirectory+ " /trivyReport"
109
1110 Trivy (script , Docker docker = new Docker (script), String trivyVersion = " 0.57.1"
1211 this . script = script
@@ -30,20 +29,20 @@ class Trivy implements Serializable {
3029 */
3130 boolean scanImage (
3231 String imageName ,
33- String trivyReportFilename = " ${ this.script.env.WORKSPACE} "
3432 String additionalFlags = " "
3533 String severityLevel = TrivySeverityLevel . CRITICAL ,
36- String strategy = TrivyScanStrategy . FAIL
34+ String strategy = TrivyScanStrategy . FAIL ,
35+ String trivyReportFile = " trivy/trivyReport.json"
3736 ) {
3837 int exitCode
3938 docker. image(" aquasec/trivy:${ trivyVersion} "
4039 .mountJenkinsUser()
4140 .mountDockerSocket()
4241 .inside(" -v ${ script.env.WORKSPACE} "
43- // Write result to $trivyReportFilename in json format (--format json), which can be converted in the saveFormattedTrivyReport function
42+ // Write result to $trivyReportFile in json format (--format json), which can be converted in the saveFormattedTrivyReport function
4443 // Exit with exit code 1 if vulnerabilities are found
4544 script. sh(" mkdir -p " + trivyDirectory)
46- exitCode = script. sh(script : " trivy image --exit-code 10 --exit-on-eol 10 --format ${ TrivyScanFormat.JSON} ${ trivyReportFilename } ${ severityLevel} ${ additionalFlags} ${ imageName} " returnStatus : true )
45+ exitCode = script. sh(script : " trivy image --exit-code 10 --exit-on-eol 10 --format ${ TrivyScanFormat.JSON} ${ trivyReportFile } ${ severityLevel} ${ additionalFlags} ${ imageName} " returnStatus : true )
4746 }
4847 switch (exitCode) {
4948 case 0 :
@@ -62,18 +61,22 @@ class Trivy implements Serializable {
6261 * Save the Trivy scan results as a file with a specific format
6362 *
6463 * @param format The format of the output file (@see TrivyScanFormat)
64+ * @param formattedTrivyReportFilename The file name your report files should get, without file extension. E.g. "ubuntu24report"
65+ * @param trivyReportFile The "trivyReportFile" parameter you used in the "scanImage" function, if it was set
6566 */
66- void saveFormattedTrivyReport (String format = TrivyScanFormat . HTML , String trivyReportFilename = " ${ script.env.WORKSPACE } / trivy/trivyReport.json"
67+ void saveFormattedTrivyReport (String format = TrivyScanFormat . HTML , String formattedTrivyReportFilename = " trivyReport " , String trivyReportFile = " trivy/trivyReport.json"
6768 String fileExtension
6869 String formatString
70+ String trivyDirectory = " trivy/"
6971 switch (format) {
7072 case TrivyScanFormat . HTML :
7173 formatString = " template --template \" @/contrib/html.tpl\" "
7274 fileExtension = " html"
7375 break
7476 case TrivyScanFormat . JSON :
75- // Result file is already in JSON format
76- return
77+ formatString = " json"
78+ fileExtension = " json"
79+ break
7780 case TrivyScanFormat . TABLE :
7881 formatString = " table"
7982 fileExtension = " txt"
@@ -84,8 +87,8 @@ class Trivy implements Serializable {
8487 }
8588 docker. image(" aquasec/trivy:${ trivyVersion} "
8689 .inside(" -v ${ script.env.WORKSPACE} "
87- script. sh(script : " trivy convert --format ${ formatString} ${ trivyReportFilenameWithoutExtension } ${ fileExtension} ${ trivyReportFilename } "
90+ script. sh(script : " trivy convert --format ${ formatString} ${ trivyDirectory }${ formattedTrivyReportFilename } ${ fileExtension} ${ trivyReportFile } "
8891 }
89- script. archiveArtifacts artifacts : " ${ trivyReportFilenameWithoutExtension } " allowEmptyArchive : true
92+ script. archiveArtifacts artifacts : " ${ trivyDirectory }${ formattedTrivyReportFilename } " allowEmptyArchive : true
9093 }
9194}
0 commit comments