From 4cec06bb5731ced82e3a9fdecfdd82eb54378822 Mon Sep 17 00:00:00 2001
From: Bertrand Goareguer <bertrand.goareguer@gmail.com>
Date: Mon, 20 Jun 2022 21:37:09 +0000
Subject: [PATCH] fix(Trivy): prefix Trivy report name

---
 templates/gitlab-ci-docker.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index 080a7b2..09be75a 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -613,8 +613,8 @@ docker-trivy:
     trivy image --clear-cache
     export TRIVY_USERNAME=${DOCKER_REGISTRY_SNAPSHOT_USER:-${DOCKER_REGISTRY_USER:-$CI_REGISTRY_USER}}
     export TRIVY_PASSWORD=${DOCKER_REGISTRY_SNAPSHOT_PASSWORD:-${DOCKER_REGISTRY_PASSWORD:-$CI_REGISTRY_PASSWORD}}
-    export FILENAME=$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
-    mkdir -p ./trivy
+    export FILENAME=trivy-$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
+    mkdir -p ./reports
     if [[ -z "${DOCKER_TRIVY_ADDR}" ]]; then
       log_warn "\\e[93mYou are using Trivy in standalone mode. To get faster scans, consider setting the DOCKER_TRIVY_ADDR variable to the address of a Trivy server. More info here: https://aquasecurity.github.io/trivy/latest/docs/references/modes/client-server/\\e[0m"
       trivy image --download-db-only
@@ -626,15 +626,15 @@ docker-trivy:
     # Add common trivy arguments
     export trivy_opts="${trivy_opts} --severity ${DOCKER_TRIVY_SECURITY_LEVEL_THRESHOLD} --vuln-type os ${DOCKER_TRIVY_ARGS}"
     # the first execution of Trivy should never fail, otherwise the other executions won't be run (so --exit-code=0)
-    trivy ${trivy_opts} --format template --template @/contrib/junit.tpl --output ./trivy/${FILENAME}.xml --exit-code 0  $DOCKER_SNAPSHOT_IMAGE
-    trivy ${trivy_opts} --format json --output ./trivy/${FILENAME}.json --exit-code 0 $DOCKER_SNAPSHOT_IMAGE
+    trivy ${trivy_opts} --format template --template @/contrib/junit.tpl --output ./reports/${FILENAME}.xml --exit-code 0  $DOCKER_SNAPSHOT_IMAGE
+    trivy ${trivy_opts} --format json --output ./reports/${FILENAME}.json --exit-code 0 $DOCKER_SNAPSHOT_IMAGE
     trivy ${trivy_opts} --format table --exit-code 1 $DOCKER_SNAPSHOT_IMAGE
   artifacts:
     when: always
     paths:
-    - trivy/
+    - reports/
     reports:
-      junit: "trivy/*.xml"
+      junit: "reports/*.xml"
   cache:
     paths:
       - .trivycache/
-- 
GitLab