@@ -129,23 +129,23 @@ def scan_image(secobserve_api_token: str, image: str, product_name: str, product
129129 print ("No SBOM found, falling back to image mode" )
130130 mode = "image" # fallback to image mode if no SBOM is available
131131
132- # Run Trivy
132+ # Run Grype
133133 env = {}
134134 env ["TARGET" ] = image if mode == "image" else "/tmp/bom.json"
135135 env ["SO_UPLOAD" ] = "true"
136136 env ["SO_PRODUCT_NAME" ] = product_name
137137 env ["SO_API_BASE_URL" ] = "https://secobserve-backend.stackable.tech"
138138 env ["SO_API_TOKEN" ] = secobserve_api_token
139139 env ["SO_BRANCH_NAME" ] = product_version
140- env ["TMPDIR " ] = "/tmp/trivy_tmp "
141- env ["TRIVY_CACHE_DIR " ] = "/tmp/trivy_cache "
142- env ["REPORT_NAME" ] = "trivy .json"
140+ env ["FURTHER_PARAMETERS " ] = "--by-cve "
141+ env ["GRYPE_DB_CACHE_DIR " ] = "/tmp/grype_db_cache "
142+ env ["REPORT_NAME" ] = "grype .json"
143143
144144 cmd = [
145145 "docker" ,
146146 "run" ,
147147 "--entrypoint" ,
148- "/entrypoints/entrypoint_trivy_ " + mode + ".sh" ,
148+ "/entrypoints/entrypoint_grype_ " + mode + ".sh" ,
149149 "-v" ,
150150 "/tmp/stackable:/tmp" ,
151151 "-v" ,
@@ -158,19 +158,19 @@ def scan_image(secobserve_api_token: str, image: str, product_name: str, product
158158
159159 cmd .append ("oci.stackable.tech/sandbox/secobserve-scanners:latest" )
160160
161- print (" " .join (cmd ))
162161 subprocess .run (cmd )
163162
164- # Run Grype
165- env ["FURTHER_PARAMETERS" ] = "--by-cve"
166- env ["GRYPE_DB_CACHE_DIR" ] = "/tmp/grype_db_cache"
167- env ["REPORT_NAME" ] = "grype.json"
163+ # Run Trivy
164+ env ["TMPDIR" ] = "/tmp/trivy_tmp"
165+ env ["FURTHER_PARAMETERS" ] = ""
166+ env ["TRIVY_CACHE_DIR" ] = "/tmp/trivy_cache"
167+ env ["REPORT_NAME" ] = "trivy.json"
168168
169169 cmd = [
170170 "docker" ,
171171 "run" ,
172172 "--entrypoint" ,
173- "/entrypoints/entrypoint_grype_ " + mode + ".sh" ,
173+ "/entrypoints/entrypoint_trivy_ " + mode + ".sh" ,
174174 "-v" ,
175175 "/tmp/stackable:/tmp" ,
176176 "-v" ,
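Review bot: The `subprocess.run(cmd)` call at new line 161 discards the Grype container's exit status, so a failed image pull, database update or upload falls straight through to the Trivy run, and the missing results would presumably look no different from a clean scan. Consider `subprocess.run(cmd, check=True)`, or keep the result and report a non-zero `returncode` per scanner so that one failing tool cannot hide behind the other. Separately, the container that receives `SO_API_TOKEN` is pulled as `secobserve-scanners:latest`; pinning it by digest would keep a re-tagged image from silently gaining access to that token and to the `/tmp/stackable` mount. How `env` is handed to `docker run`, and whether the Trivy invocation checks its own status, are outside these hunks, as are the start and end of `scan_image`.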