Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(k8s): cyclonedx kbom support #4557

Merged
merged 16 commits into from
Jun 19, 2023
Merged

feat(k8s): cyclonedx kbom support #4557

merged 16 commits into from
Jun 19, 2023

Conversation

chen-keinan
Copy link
Contributor

@chen-keinan chen-keinan commented Jun 4, 2023
edited

Description

support cyclonedx kubernetes bom

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).

usage:

# trivy k8s cluster --format cyclonedx
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "serialNumber": "urn:uuid:280a88b1-3f06-458e-853a-b859a6b76ed3",
  "version": 1,
  "metadata": {
    "timestamp": "2023-06-15T06:35:12+00:00",
    "tools": [
      {
        "vendor": "aquasecurity",
        "name": "trivy",
        "version": "dev"
      }
    ],
    "component": {
      "bom-ref": "3ca4755b-dcab-49c7-8593-a62e132cfa18",
      "type": "container",
      "name": "kind-kind",
      "properties": []
    }
  },
  "components": [
    {
      "bom-ref": "09deecd9-4d71-4d41-bb97-381f41461743",
      "type": "operating-system",
      "name": "ubuntu",
      "version": "21.04",
      "properties": [
        {
          "name": "aquasecurity:trivy:Class",
          "value": "os-pkgs"
        },
        {
          "name": "aquasecurity:trivy:Type",
          "value": "ubuntu"
        }
      ]
    },
    {
      "bom-ref": "0ed5877d-de56-458a-b596-973397997b41",
      "type": "application",
      "name": "coredns-558bd4d5db-t5f4l",
      "properties": [
        {
          "name": "aquasecurity:trivy:addons",
          "value": "kube-dns"
        }
      ]
    },
    {
      "bom-ref": "40de83f5-a856-4104-91a0-1d59fcc58803",
      "type": "application",
      "name": "kube-controller-manager-kind-control-plane",
      "properties": [
        {
          "name": "aquasecurity:trivy:control_plane_components",
          "value": "kube-controller-manager"
        }
      ]
    },
    {
      "bom-ref": "497c7cad-12cc-4a8e-917e-fe6b9702db42",
      "type": "application",
      "name": "kube-apiserver-kind-control-plane",
      "properties": [
        {
          "name": "aquasecurity:trivy:control_plane_components",
          "value": "kube-apiserver"
        }
      ]
    },
    {
      "bom-ref": "4df8d851-8cc3-4d64-8a7e-6ed1efb3f97d",
      "type": "application",
      "name": "node-core-components",
      "properties": [
        {
          "name": "aquasecurity:trivy:Class",
          "value": "lang-pkgs"
        },
        {
          "name": "aquasecurity:trivy:Type",
          "value": "golang"
        }
      ]
    },
    {
      "bom-ref": "4fbc3673-54fc-4897-b688-47b578c9cfd0",
      "type": "application",
      "name": "kube-proxy-hgmbt",
      "properties": [
        {
          "name": "aquasecurity:trivy:addons",
          "value": "kube-proxy"
        }
      ]
    },
    {
      "bom-ref": "603e1d1e-98cf-42ba-920e-563a5cde410e",
      "type": "application",
      "name": "kindnet-rt7rc",
      "properties": [
        {
          "name": "aquasecurity:trivy:addons",
          "value": "kindnet"
        }
      ]
    },
    {
      "bom-ref": "7ea39473-d30b-4a0c-bea7-ef0280b228bb",
      "type": "application",
      "name": "etcd-kind-control-plane",
      "properties": [
        {
          "name": "aquasecurity:trivy:control_plane_components",
          "value": "etcd"
        }
      ]
    },
    {
      "bom-ref": "9aeb22d9-309b-4553-b42d-8aa5f08ac646",
      "type": "container",
      "name": "kind-control-plane",
      "properties": [
        {
          "name": "aquasecurity:trivy:architecture",
          "value": "arm64"
        },
        {
          "name": "aquasecurity:trivy:host_name",
          "value": "kind-control-plane"
        },
        {
          "name": "aquasecurity:trivy:kernel_version",
          "value": "6.2.15-300.fc38.aarch64"
        },
        {
          "name": "aquasecurity:trivy:node_role",
          "value": "master"
        },
        {
          "name": "aquasecurity:trivy:operating_system",
          "value": "linux"
        }
      ]
    },
    {
      "bom-ref": "da0371db-269b-45d6-b16f-18125d6cc221",
      "type": "application",
      "name": "kube-scheduler-kind-control-plane",
      "properties": [
        {
          "name": "aquasecurity:trivy:control_plane_components",
          "value": "kube-scheduler"
        }
      ]
    },
    {
      "bom-ref": "fc2c920d-62c9-4265-9696-09ca8f243f5f",
      "type": "application",
      "name": "coredns-558bd4d5db-gmw9d",
      "properties": [
        {
          "name": "aquasecurity:trivy:addons",
          "value": "kube-dns"
        }
      ]
    },
    {
      "bom-ref": "pkg:golang/github.com%2Fcontainerd%2Fcontainerd@1.5.2",
      "type": "library",
      "name": "github.com/containerd/containerd",
      "version": "1.5.2",
      "purl": "pkg:golang/github.com%2Fcontainerd%2Fcontainerd@1.5.2",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "golang"
        }
      ]
    },
    {
      "bom-ref": "pkg:golang/k8s.io%2Fkubelet@1.21.1",
      "type": "library",
      "name": "k8s.io/kubelet",
      "version": "1.21.1",
      "purl": "pkg:golang/k8s.io%2Fkubelet@1.21.1",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "golang"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/coredns@sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8?repository_url=k8s.gcr.io%2Fcoredns%2Fcoredns\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/coredns/coredns",
      "version": "sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8",
      "purl": "pkg:oci/coredns@sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8?repository_url=k8s.gcr.io%2Fcoredns%2Fcoredns\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/coredns/coredns:1.8.0"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/etcd@sha256:05b738aa1bc6355db8a2ee8639f3631b908286e43f584a3d2ee0c472de033c28?repository_url=k8s.gcr.io%2Fetcd\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/etcd",
      "version": "sha256:05b738aa1bc6355db8a2ee8639f3631b908286e43f584a3d2ee0c472de033c28",
      "purl": "pkg:oci/etcd@sha256:05b738aa1bc6355db8a2ee8639f3631b908286e43f584a3d2ee0c472de033c28?repository_url=k8s.gcr.io%2Fetcd\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/etcd:3.4.13-0"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/kindnetd@sha256:f37b7c809e5dcc2090371f933f7acb726bb1bffd5652980d2e1d7e2eff5cd301?repository_url=index.docker.io%2Fkindest%2Fkindnetd\u0026arch=",
      "type": "container",
      "name": "index.docker.io/kindest/kindnetd",
      "version": "sha256:f37b7c809e5dcc2090371f933f7acb726bb1bffd5652980d2e1d7e2eff5cd301",
      "purl": "pkg:oci/kindnetd@sha256:f37b7c809e5dcc2090371f933f7acb726bb1bffd5652980d2e1d7e2eff5cd301?repository_url=index.docker.io%2Fkindest%2Fkindnetd\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "index.docker.io/kindest/kindnetd:20210326-1e038dc5"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/kube-apiserver@sha256:18e61c783b41758dd391ab901366ec3546b26fae00eef7e223d1f94da808e02f?repository_url=k8s.gcr.io%2Fkube-apiserver\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/kube-apiserver",
      "version": "sha256:18e61c783b41758dd391ab901366ec3546b26fae00eef7e223d1f94da808e02f",
      "purl": "pkg:oci/kube-apiserver@sha256:18e61c783b41758dd391ab901366ec3546b26fae00eef7e223d1f94da808e02f?repository_url=k8s.gcr.io%2Fkube-apiserver\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/kube-apiserver:1.21.1"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/kube-controller-manager@sha256:0c6dccae49de8003ee4fa06db04a9f13bb46cbaad03977e6baa21174f2dba2fc?repository_url=k8s.gcr.io%2Fkube-controller-manager\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/kube-controller-manager",
      "version": "sha256:0c6dccae49de8003ee4fa06db04a9f13bb46cbaad03977e6baa21174f2dba2fc",
      "purl": "pkg:oci/kube-controller-manager@sha256:0c6dccae49de8003ee4fa06db04a9f13bb46cbaad03977e6baa21174f2dba2fc?repository_url=k8s.gcr.io%2Fkube-controller-manager\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/kube-controller-manager:1.21.1"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/kube-proxy@sha256:4bbef4ca108cdc3b99fe23d487fa4fca933a62c4fc720626a3706df9cef63b21?repository_url=k8s.gcr.io%2Fkube-proxy\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/kube-proxy",
      "version": "sha256:4bbef4ca108cdc3b99fe23d487fa4fca933a62c4fc720626a3706df9cef63b21",
      "purl": "pkg:oci/kube-proxy@sha256:4bbef4ca108cdc3b99fe23d487fa4fca933a62c4fc720626a3706df9cef63b21?repository_url=k8s.gcr.io%2Fkube-proxy\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/kube-proxy:1.21.1"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    },
    {
      "bom-ref": "pkg:oci/kube-scheduler@sha256:8c783dd2520887cc8e7908489ffc9f356c82436ba0411d554237a0b9632c9b87?repository_url=k8s.gcr.io%2Fkube-scheduler\u0026arch=",
      "type": "container",
      "name": "k8s.gcr.io/kube-scheduler",
      "version": "sha256:8c783dd2520887cc8e7908489ffc9f356c82436ba0411d554237a0b9632c9b87",
      "purl": "pkg:oci/kube-scheduler@sha256:8c783dd2520887cc8e7908489ffc9f356c82436ba0411d554237a0b9632c9b87?repository_url=k8s.gcr.io%2Fkube-scheduler\u0026arch=",
      "properties": [
        {
          "name": "aquasecurity:trivy:PkgID",
          "value": "k8s.gcr.io/kube-scheduler:1.21.1"
        },
        {
          "name": "aquasecurity:trivy:PkgType",
          "value": "oci"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "09deecd9-4d71-4d41-bb97-381f41461743",
      "dependsOn": []
    },
    {
      "ref": "0ed5877d-de56-458a-b596-973397997b41",
      "dependsOn": [
        "pkg:oci/coredns@sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8?repository_url=k8s.gcr.io%2Fcoredns%2Fcoredns\u0026arch="
      ]
    },
    {
      "ref": "3ca4755b-dcab-49c7-8593-a62e132cfa18",
      "dependsOn": [
        "0ed5877d-de56-458a-b596-973397997b41",
        "40de83f5-a856-4104-91a0-1d59fcc58803",
        "497c7cad-12cc-4a8e-917e-fe6b9702db42",
        "4fbc3673-54fc-4897-b688-47b578c9cfd0",
        "603e1d1e-98cf-42ba-920e-563a5cde410e",
        "7ea39473-d30b-4a0c-bea7-ef0280b228bb",
        "9aeb22d9-309b-4553-b42d-8aa5f08ac646",
        "da0371db-269b-45d6-b16f-18125d6cc221",
        "fc2c920d-62c9-4265-9696-09ca8f243f5f"
      ]
    },
    {
      "ref": "40de83f5-a856-4104-91a0-1d59fcc58803",
      "dependsOn": [
        "pkg:oci/kube-controller-manager@sha256:0c6dccae49de8003ee4fa06db04a9f13bb46cbaad03977e6baa21174f2dba2fc?repository_url=k8s.gcr.io%2Fkube-controller-manager\u0026arch="
      ]
    },
    {
      "ref": "497c7cad-12cc-4a8e-917e-fe6b9702db42",
      "dependsOn": [
        "pkg:oci/kube-apiserver@sha256:18e61c783b41758dd391ab901366ec3546b26fae00eef7e223d1f94da808e02f?repository_url=k8s.gcr.io%2Fkube-apiserver\u0026arch="
      ]
    },
    {
      "ref": "4df8d851-8cc3-4d64-8a7e-6ed1efb3f97d",
      "dependsOn": [
        "pkg:golang/github.com%2Fcontainerd%2Fcontainerd@1.5.2",
        "pkg:golang/k8s.io%2Fkubelet@1.21.1"
      ]
    },
    {
      "ref": "4fbc3673-54fc-4897-b688-47b578c9cfd0",
      "dependsOn": [
        "pkg:oci/kube-proxy@sha256:4bbef4ca108cdc3b99fe23d487fa4fca933a62c4fc720626a3706df9cef63b21?repository_url=k8s.gcr.io%2Fkube-proxy\u0026arch="
      ]
    },
    {
      "ref": "603e1d1e-98cf-42ba-920e-563a5cde410e",
      "dependsOn": [
        "pkg:oci/kindnetd@sha256:f37b7c809e5dcc2090371f933f7acb726bb1bffd5652980d2e1d7e2eff5cd301?repository_url=index.docker.io%2Fkindest%2Fkindnetd\u0026arch="
      ]
    },
    {
      "ref": "7ea39473-d30b-4a0c-bea7-ef0280b228bb",
      "dependsOn": [
        "pkg:oci/etcd@sha256:05b738aa1bc6355db8a2ee8639f3631b908286e43f584a3d2ee0c472de033c28?repository_url=k8s.gcr.io%2Fetcd\u0026arch="
      ]
    },
    {
      "ref": "9aeb22d9-309b-4553-b42d-8aa5f08ac646",
      "dependsOn": [
        "09deecd9-4d71-4d41-bb97-381f41461743",
        "4df8d851-8cc3-4d64-8a7e-6ed1efb3f97d"
      ]
    },
    {
      "ref": "da0371db-269b-45d6-b16f-18125d6cc221",
      "dependsOn": [
        "pkg:oci/kube-scheduler@sha256:8c783dd2520887cc8e7908489ffc9f356c82436ba0411d554237a0b9632c9b87?repository_url=k8s.gcr.io%2Fkube-scheduler\u0026arch="
      ]
    },
    {
      "ref": "fc2c920d-62c9-4265-9696-09ca8f243f5f",
      "dependsOn": [
        "pkg:oci/coredns@sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8?repository_url=k8s.gcr.io%2Fcoredns%2Fcoredns\u0026arch="
      ]
    },
    {
      "ref": "pkg:golang/github.com%2Fcontainerd%2Fcontainerd@1.5.2",
      "dependsOn": []
    },
    {
      "ref": "pkg:golang/k8s.io%2Fkubelet@1.21.1",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/coredns@sha256:1a1f05a2cd7c2fbfa7b45b21128c8a4880c003ca482460081dc12d76bfa863e8?repository_url=k8s.gcr.io%2Fcoredns%2Fcoredns\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/etcd@sha256:05b738aa1bc6355db8a2ee8639f3631b908286e43f584a3d2ee0c472de033c28?repository_url=k8s.gcr.io%2Fetcd\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/kindnetd@sha256:f37b7c809e5dcc2090371f933f7acb726bb1bffd5652980d2e1d7e2eff5cd301?repository_url=index.docker.io%2Fkindest%2Fkindnetd\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/kube-apiserver@sha256:18e61c783b41758dd391ab901366ec3546b26fae00eef7e223d1f94da808e02f?repository_url=k8s.gcr.io%2Fkube-apiserver\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/kube-controller-manager@sha256:0c6dccae49de8003ee4fa06db04a9f13bb46cbaad03977e6baa21174f2dba2fc?repository_url=k8s.gcr.io%2Fkube-controller-manager\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/kube-proxy@sha256:4bbef4ca108cdc3b99fe23d487fa4fca933a62c4fc720626a3706df9cef63b21?repository_url=k8s.gcr.io%2Fkube-proxy\u0026arch=",
      "dependsOn": []
    },
    {
      "ref": "pkg:oci/kube-scheduler@sha256:8c783dd2520887cc8e7908489ffc9f356c82436ba0411d554237a0b9632c9b87?repository_url=k8s.gcr.io%2Fkube-scheduler\u0026arch=",
      "dependsOn": []
    }
  ],
  "vulnerabilities": []
}

@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch from 0e51c07 to 38c2280 Compare June 5, 2023 10:56
@chen-keinan chen-keinan changed the title feat: cyclonedx kbom support feat(k8s): cyclonedx kbom support Jun 5, 2023
@chen-keinan chen-keinan mentioned this pull request Jun 5, 2023
Closed
4 tasks
@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch 2 times, most recently from cd90a14 to 5c9453f Compare June 6, 2023 08:01
@chen-keinan chen-keinan marked this pull request as ready for review June 6, 2023 12:57
@itaysk itaysk mentioned this pull request Jun 7, 2023
Open
@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch 3 times, most recently from 270f85a to ba1c51d Compare June 11, 2023 07:05
itaysk
itaysk reviewed Jun 11, 2023
View reviewed changes
docs/docs/target/kubernetes.md Outdated Show resolved Hide resolved
docs/docs/supply-chain/sbom.md Outdated Show resolved Hide resolved
@chen-keinan
Copy link
Contributor Author

chen-keinan commented Jun 11, 2023
edited

@itaysk review the core component properties, the above example is updated following to code changes

knqyf263
knqyf263 reviewed Jun 13, 2023
View reviewed changes
pkg/sbom/cyclonedx/marshal.go Outdated Show resolved Hide resolved
pkg/report/cyclonedx/cyclonedx.go Outdated Show resolved Hide resolved
pkg/report/cyclonedx/cyclonedx.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch 2 times, most recently from 0d0178b to 08b76f1 Compare June 14, 2023 08:16
knqyf263
knqyf263 reviewed Jun 14, 2023
View reviewed changes
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner.go Outdated Show resolved Hide resolved
pkg/k8s/scanner/scanner_test.go Outdated Show resolved Hide resolved
pkg/report/cyclonedx/cyclonedx.go Outdated Show resolved Hide resolved
@chen-keinan
Copy link
Contributor Author

@knqyf263 comments has been addressed

@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch from 93f993e to 3858a12 Compare June 15, 2023 10:40
knqyf263
knqyf263 reviewed Jun 15, 2023
View reviewed changes
go.mod Outdated Show resolved Hide resolved
@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch from 03283c5 to 18c102b Compare June 15, 2023 18:22
@chen-keinan
feat: cyclonedx kbom support
6fbb019 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: cyclonedx kbom support
b10dbd5 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
4d97ca8 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
5383849 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
d42377d 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
2b85e77 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
a64809b 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
91824de 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
chore: update sum db
9877d94 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
chore: update sum db
d18c1ab 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
a27ad79 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
c27fc70 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
chore: update sumdb
47b491f 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan chen-keinan force-pushed the feat/kubernetes-bill-of-materials branch from 88ec55d to 47b491f Compare June 19, 2023 05:56
@chen-keinan
chore: update sumdb
3dd6dcc 
Signed-off-by: chenk <hen.keinan@gmail.com>
@knqyf263
Copy link
Collaborator

The database is downloaded with KBOM. Is it intended?

$ trivy k8s cluster --format cyclonedx
2023-06-19T11:14:06.338+0300    INFO    Loaded trivy.yaml
2023-06-19T11:14:06.460+0300    INFO    Need to update DB
2023-06-19T11:14:06.460+0300    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db
2023-06-19T11:14:06.460+0300    INFO    Downloading DB...
13.66 MiB / 37.76 MiB [----------------------------->____________________________________________________] 36.16% 552.13 KiB p/s ETA 44s

@knqyf263
Copy link
Collaborator

knqyf263 commented Jun 19, 2023
edited

"name": "aquasecurity:trivy:control_plane_components",

Can we use the upper camel case (a.k.a pascal case) to get aligned with other properties?

"name": "aquasecurity:trivy:PkgID",

@chen-keinan
feat: kubernetes bill of materials
4294586 
Signed-off-by: chenk <hen.keinan@gmail.com>
@chen-keinan
feat: kubernetes bill of materials
9074a64 
Signed-off-by: chenk <hen.keinan@gmail.com>
knqyf263
knqyf263 approved these changes Jun 19, 2023
View reviewed changes
Copy link
Collaborator

@knqyf263 knqyf263 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM🚢

@knqyf263 knqyf263 added this pull request to the merge queue Jun 19, 2023
Merged via the queue into aquasecurity:main with commit 35c4262 Jun 19, 2023
17 checks passed
AnaisUrlichs pushed a commit to AnaisUrlichs/trivy that referenced this pull request Aug 10, 2023
@chen-keinan @AnaisUrlichs
feat(k8s): cyclonedx kbom support (aquasecurity#4557)
ad004f1 
* feat: cyclonedx kbom support

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: cyclonedx kbom support

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* chore: update sum db

Signed-off-by: chenk <hen.keinan@gmail.com>

* chore: update sum db

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* chore: update sumdb

Signed-off-by: chenk <hen.keinan@gmail.com>

* chore: update sumdb

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

* feat: kubernetes bill of materials

Signed-off-by: chenk <hen.keinan@gmail.com>

---------

Signed-off-by: chenk <hen.keinan@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@itaysk itaysk itaysk left review comments

@knqyf263 knqyf263 knqyf263 approved these changes

@AnaisUrlichs AnaisUrlichs AnaisUrlichs approved these changes

@josedonizetti josedonizetti Awaiting requested review from josedonizetti

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cycloneDX - kubernetes bill of materials support
4 participants
@chen-keinan @knqyf263 @itaysk @AnaisUrlichs