diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index f6c769ee..03bb5319 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -235,6 +235,7 @@ func (c completedConfig) New(ctx context.Context) (*ScannerServer, error) { c.ExtraConfig.TrivyImage, c.ExtraConfig.TrivyDBCacherImage, c.ExtraConfig.FileServerAddr, + c.ExtraConfig.FileServerFilesDir, c.ExtraConfig.ScanRequestTTLPeriod, c.ExtraConfig.Workspace, )).SetupWithManager(mgr); err != nil { diff --git a/pkg/controllers/scanreport/controller.go b/pkg/controllers/scanreport/controller.go index 34136f04..acb12e9d 100644 --- a/pkg/controllers/scanreport/controller.go +++ b/pkg/controllers/scanreport/controller.go @@ -39,6 +39,9 @@ type ImageScanReportReconciler struct { } func (r *ImageScanReportReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + if !fileserver.MetadataFileExists(r.FileServerDir) { + return ctrl.Result{RequeueAfter: time.Minute}, nil + } log := log.FromContext(ctx) var isrp api.ImageScanReport diff --git a/pkg/controllers/scanrequest/helpers.go b/pkg/controllers/scanrequest/helpers.go index 2d3d067b..2cd9e02b 100644 --- a/pkg/controllers/scanrequest/helpers.go +++ b/pkg/controllers/scanrequest/helpers.go @@ -57,11 +57,7 @@ func EnsureScanReport(kc client.Client, imageRef string, resp trivy.BackendRespo klog.Infof("%v ImageScanReport has been created\n", obj.GetName()) } - _, err = cu.PatchStatus(context.TODO(), kc, &api.ImageScanReport{ - ObjectMeta: metav1.ObjectMeta{ - Name: api.GetReportName(img.Name), - }, - }, func(obj client.Object) client.Object { + _, err = cu.PatchStatus(context.TODO(), kc, obj, func(obj client.Object) client.Object { rep := obj.(*api.ImageScanReport) rep.Status.Version = resp.TrivyVersion rep.Status.Report = resp.Report diff --git a/pkg/controllers/scanrequest/reconciler.go b/pkg/controllers/scanrequest/reconciler.go index 5daa0ab2..1be84092 100644 --- a/pkg/controllers/scanrequest/reconciler.go +++ b/pkg/controllers/scanrequest/reconciler.go @@ -23,6 +23,7 @@ import ( api "kubeops.dev/scanner/apis/scanner/v1alpha1" "kubeops.dev/scanner/apis/trivy" "kubeops.dev/scanner/pkg/backend" + "kubeops.dev/scanner/pkg/fileserver" "github.com/nats-io/nats.go" batch "k8s.io/api/batch/v1" @@ -44,6 +45,7 @@ type Reconciler struct { trivyImage string trivyDBCacherImage string fileServerAddr string + fileServerDir string scanRequestTTLPeriod time.Duration workspace string } @@ -57,7 +59,7 @@ type RequestReconciler struct { func NewImageScanRequestReconciler( kc client.Client, nc *nats.Conn, - scannedImage, trivyImage, trivyDBCacherImage, fsAddr string, + scannedImage, trivyImage, trivyDBCacherImage, fsAddr, fileServerDir string, garbageCol time.Duration, workspace string, ) *Reconciler { @@ -68,12 +70,17 @@ func NewImageScanRequestReconciler( trivyImage: trivyImage, trivyDBCacherImage: trivyDBCacherImage, fileServerAddr: fsAddr, + fileServerDir: fileServerDir, scanRequestTTLPeriod: garbageCol, workspace: workspace, } } func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + if !fileserver.MetadataFileExists(r.fileServerDir) { + return ctrl.Result{RequeueAfter: time.Minute}, nil + } + log := log.FromContext(ctx) log.Info("Reconciling for ", "req", req) @@ -140,7 +147,7 @@ func (r *RequestReconciler) freshScanRequired() (bool, error) { if err != nil { return true, client.IgnoreNotFound(err) } - if isrp.Status.Phase == api.ImageScanReportPhaseOutdated { + if isrp.Status.Phase == api.ImageScanReportPhaseOutdated || isrp.Status.Phase == "" { return true, nil } return false, r.updateStatusAsReportAlreadyExists(&isrp) diff --git a/pkg/fileserver/lib.go b/pkg/fileserver/lib.go index 08420946..6287c8d6 100755 --- a/pkg/fileserver/lib.go +++ b/pkg/fileserver/lib.go @@ -154,3 +154,9 @@ func VulnerabilityDBLastUpdatedAt(fsDir string) (*trivy.Time, error) { } return &ver.UpdatedAt, nil } + +func MetadataFileExists(fsDir string) bool { + fileName := filepath.Join(fsDir, "trivy", "metadata.json") + _, err := os.Stat(fileName) + return !os.IsNotExist(err) +}