Add reset and clear-cache option

aquasecurity · May 14, 2019 · 9a67f0d · 9a67f0d
1 parent 17b5a60
commit 9a67f0d
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 11 deletions.
diff --git a/cmd/trivy/main.go b/cmd/trivy/main.go
@@ -70,8 +70,12 @@ OPTIONS:
 			Usage: "skip db update",
 		},
 		cli.BoolFlag{
-			Name:  "clean, c",
-			Usage: "clean all cache",
+			Name:  "reset",
+			Usage: "remove all caches and database",
+		},
+		cli.BoolFlag{
+			Name:  "clear-cache, c",
+			Usage: "clear image caches",
 		},
 		cli.BoolFlag{
 			Name:  "quiet, q",

diff --git a/pkg/run.go b/pkg/run.go
@@ -31,9 +31,8 @@ func Run(c *cli.Context) (err error) {
 	}
 	log.Logger.Debugf("cache dir:  %s", utils.CacheDir())
 
-	clean := c.Bool("clean")
-	if clean {
-		log.Logger.Info("Cleaning caches...")
+	if c.Bool("reset") {
+		log.Logger.Info("Resetting...")
 		if err = cache.Clear(); err != nil {
 			return xerrors.New("failed to remove image layer cache")
 		}
@@ -43,6 +42,13 @@ func Run(c *cli.Context) (err error) {
 		return nil
 	}
 
+	if c.Bool("clear-cache") {
+		log.Logger.Info("Removing image caches...")
+		if err = cache.Clear(); err != nil {
+			return xerrors.New("failed to remove image layer cache")
+		}
+	}
+
 	args := c.Args()
 	filePath := c.String("input")
 	if filePath == "" && len(args) == 0 {

diff --git a/pkg/scanner/ospkg/redhat/redhat.go b/pkg/scanner/ospkg/redhat/redhat.go
@@ -38,13 +38,15 @@ func (s *Scanner) Detect(osVer string, pkgs []analyzer.Package) ([]vulnerability
 		for _, adv := range advisories {
 			fixedVersion := version.NewVersion(adv.FixedVersion)
 
+			vuln := vulnerability.DetectedVulnerability{
+				VulnerabilityID:  adv.VulnerabilityID,
+				PkgName:          pkg.Name,
+				InstalledVersion: installed,
+			}
 			if installedVersion.LessThan(fixedVersion) {
-				vuln := vulnerability.DetectedVulnerability{
-					VulnerabilityID:  adv.VulnerabilityID,
-					PkgName:          pkg.Name,
-					InstalledVersion: installed,
-					FixedVersion:     adv.FixedVersion,
-				}
+				vuln.FixedVersion = adv.FixedVersion
+				vulns = append(vulns, vuln)
+			} else if adv.FixedVersion == "" {
 				vulns = append(vulns, vuln)
 			}
 		}