Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!: add clean subcommand #6993

Merged
merged 13 commits into from
Jun 25, 2024
Merged

feat!: add clean subcommand #6993

merged 13 commits into from
Jun 25, 2024

Conversation

knqyf263
Copy link
Collaborator

Description

Delete cache management flags and add trivy clean.

Clear all caches

Before

$ trivy image --reset

After

$ trivy clean --all

Clear scan cache

Before

$ trivy image --clear-cache

After

$ trivy clean --scan-cache

Clear checks bundle

Before

$ trivy config --reset-checks-bundle

After

$ trivy clean --checks-bundle

Clear vulnerability database

Before

N/A (trivy image --reset removes all)

After

$ trivy clean --vuln-db

Clear Java database

Before

N/A (trivy image --reset removes all)

After

$ trivy clean --java-db

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@knqyf263
feat!: add clean subcommand
bddaa1c 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263 knqyf263 added the kind/breaking Categorizes issue or PR as related to breaking compatibility. label Jun 21, 2024
@knqyf263 knqyf263 marked this pull request as ready for review June 21, 2024 18:31
@knqyf263 knqyf263 requested a review from a team June 21, 2024 18:31
@knqyf263 knqyf263 self-assigned this Jun 21, 2024
DmitriyLewen
DmitriyLewen reviewed Jun 24, 2024
View reviewed changes
Copy link
Contributor

@DmitriyLewen DmitriyLewen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@knqyf263 i found that we show 2 same errors:

➜  ./trivy -d image --reset alpine
2024-06-24T11:18:41+06:00       ERROR   "--reset" was removed. Use "trivy clean --all" instead.
2024-06-24T11:18:41+06:00       FATAL   Fatal error     flag error: db flag error: unable to parse flag: "--reset" was removed

pkg/commands/clean/run.go Show resolved Hide resolved
pkg/commands/clean/run.go Outdated Show resolved Hide resolved
pkg/flag/db_flags.go Show resolved Hide resolved
pkg/flag/clean_flags.go Outdated Show resolved Hide resolved
docs/docs/configuration/cache.md Show resolved Hide resolved
docs/docs/configuration/cache.md Outdated Show resolved Hide resolved
docs/docs/configuration/db.md Outdated Show resolved Hide resolved
docs/tutorials/integrations/gitlab-ci.md Show resolved Hide resolved
knqyf263 and others added 2 commits June 24, 2024 10:30
@knqyf263
docs: update clean command
361db19 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263 @DmitriyLewen
Update pkg/commands/clean/run.go
0e3253f 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
@knqyf263
Copy link
Collaborator Author

2024-06-24T11:18:41+06:00 ERROR "--reset" was removed. Use "trivy clean --all" instead.
2024-06-24T11:18:41+06:00 FATAL Fatal error flag error: db flag error: unable to parse flag: "--reset" was removed

I returned Use "trivy clean --all" instead as an error, but it appears at the end of the log message and is therefore difficult to find as below.

2024-06-24T11:18:41+06:00 FATAL Fatal error flag error: db flag error: unable to parse flag: "--reset" was removed.
use "trivy clean --all" instead.

I eventually separated the error message. In short, it's intended.

If you don't like "--reset" was removed. is displayed twice, I can change the error message.

@knqyf263
refactor: move logging under commands
c394d83 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@DmitriyLewen
Copy link
Contributor

I eventually separated the error message. In short, it's intended.

Got it 😄
Then no problem 👍

knqyf263 and others added 5 commits June 24, 2024 11:00
@knqyf263
feat: add "-a" alias
ba53b67 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263 @DmitriyLewen
Update docs/docs/configuration/db.md
d6e5c9b 
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
@knqyf263
chore: use a different message
5a989d4 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
revert: --clear-cache and --reset allow no args
75b5282 
`trivy image --clear-cache` now returns an error "Require at least 1 argument", then it doesn't show "Use 'trivy clean' instead".

Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
docs: auto generate
d866208 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
Copy link
Collaborator Author

@DmitriyLewen I change the message slightly.
5a989d4

@knqyf263
Copy link
Collaborator Author

@simar7 @nikpivkin According to the discussion in #6992, I didn't add --terraform-module flag. If you want to move the cache under the Trivy cache directory and let Trivy delete the cache, please feel free to open a new PR. I don't think it's a blocker of this PR.

@knqyf263 knqyf263 requested a review from DmitriyLewen June 24, 2024 08:04
DmitriyLewen
DmitriyLewen reviewed Jun 24, 2024
View reviewed changes
docs/docs/references/configuration/cli/trivy.md Show resolved Hide resolved
pkg/commands/app.go Outdated Show resolved Hide resolved
pkg/flag/db_flags.go Outdated Show resolved Hide resolved
knqyf263 added 2 commits June 24, 2024 13:27
@knqyf263
docs: add clean page
b50895b 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@knqyf263
fix: removed flag
01f901c 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
@DmitriyLewen
Copy link
Contributor

@knqyf263
I understand that didn't write about comments for --reset-checks-bundle flag.
Added in 8995644

@knqyf263
Copy link
Collaborator Author

@DmitriyLewen Thanks! It's my bad.

@knqyf263
Copy link
Collaborator Author

@chen-keinan @simar7 @nikpivkin Since it's a breaking change, I'd wait for you guys.

nikpivkin
nikpivkin approved these changes Jun 24, 2024
View reviewed changes
Copy link
Contributor

@nikpivkin nikpivkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@knqyf263 knqyf263 enabled auto-merge June 25, 2024 08:47
@knqyf263 knqyf263 added this pull request to the merge queue Jun 25, 2024
Merged via the queue into aquasecurity:main with commit 8d0ae1f Jun 25, 2024
17 checks passed
@knqyf263 knqyf263 deleted the feat/add_clean branch June 25, 2024 09:25
@aqua-bot aqua-bot mentioned this pull request Jun 25, 2024
Merged
@knqyf263
Copy link
Collaborator Author

Announced #7010

@knqyf263 knqyf263 mentioned this pull request Jun 26, 2024
Merged
6 tasks
@simar7
Copy link
Member

simar7 commented Jul 11, 2024

I didn't know but we seemed to have supported TRIVY_RESET as an environment variable to clean the cache in the past. This came up now because some users used to use this environment variable in their CI runs to clean the cache prior to running trivy-action. See this for an example.

It seems at some point, we have dropped support for this environment variable (and maybe other TRIVY_* envvars?) but I wasn't able to find that change.

In any case, if we no longer support that environment variable, we have to implement a way in trivy-action to be able to support such a use case. Please correct me if I missed something.

@knqyf263
Copy link
Collaborator Author

knqyf263 commented Jul 11, 2024
edited
Loading

TRIVY_RESET was removed, but envs for new flags are still supported.

$ TRIVY_ALL=true trivy clean
2024-07-11T11:47:57+04:00       INFO    Removing all caches...

$ TRIVY_SCAN_CACHE=true trivy clean
2024-07-11T11:48:32+04:00       INFO    Removing scan cache...

@simar7
Copy link
Member

simar7 commented Jul 11, 2024

@knqyf263 OK looks like in that case we will need to add support for this in the action as currently I don't see anyway to clean the cache from the action.

skahn007gl pushed a commit to skahn007gl/trivy that referenced this pull request Jul 23, 2024
@knqyf263 @DmitriyLewen @skahn007gl
feat!: add clean subcommand (aquasecurity#6993)
588b877 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
Co-authored-by: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikpivkin nikpivkin nikpivkin approved these changes

@DmitriyLewen DmitriyLewen DmitriyLewen approved these changes

@chen-keinan chen-keinan chen-keinan approved these changes

@simar7 simar7 simar7 approved these changes

Assignees

@knqyf263 knqyf263

Labels
kind/breaking Categorizes issue or PR as related to breaking compatibility.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Introduce trivy clean command and remove cache-clearing flags
5 participants
@knqyf263 @DmitriyLewen @simar7 @chen-keinan @nikpivkin