renuka-fernando/trivy-scan.sh

## trivy-scan.sh
trivyVersion="latest"
trivyExitCode=1
buildFail=0

trivy() {
   docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
   -v "$PWD/.trivyignore":/.trivyignore:ro aquasec/trivy:${trivyVersion} image --exit-code "${trivyExitCode}" $4 \
   --severity MEDIUM,HIGH,CRITICAL --ignorefile /.trivyignore --timeout 10m $1/$2:$3
   if [ ${trivyExitCode} -eq 1 -a $? -eq 1 ]
   then
       echo "Vulnerabilities found." 1>&2
       buildFail=1
   fi
   if [ ${trivyExitCode} -eq 1 -a $? -eq 0 ]
   then
       echo "No critical, high or Medium level vulnerabilities found."

   fi
   if [ ${trivyExitCode} -eq 0 ]
   then
       echo "Vulnerabilities if exist, are ignored in this step as exit code is set to '0'."
   fi

}

trivy wso2 choreo-connect-enforcer 1.0.0
	trivyVersion="latest"
	trivyExitCode=1
	buildFail=0

	trivy() {
	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
	-v "$PWD/.trivyignore":/.trivyignore:ro aquasec/trivy:${trivyVersion} image --exit-code "${trivyExitCode}" $4 \
	--severity MEDIUM,HIGH,CRITICAL --ignorefile /.trivyignore --timeout 10m $1/$2:$3
	if [ ${trivyExitCode} -eq 1 -a $? -eq 1 ]
	then
	echo "Vulnerabilities found." 1>&2
	buildFail=1
	fi
	if [ ${trivyExitCode} -eq 1 -a $? -eq 0 ]
	then
	echo "No critical, high or Medium level vulnerabilities found."

	fi
	if [ ${trivyExitCode} -eq 0 ]
	then
	echo "Vulnerabilities if exist, are ignored in this step as exit code is set to '0'."
	fi

	}

	trivy wso2 choreo-connect-enforcer 1.0.0