feat(k8s): add --context flag (#2171)

Signed-off-by: Jose Donizetti <jdbjunior@gmail.com>
2025-12-23 07:29:00 -08:00 · 2022-05-31 07:06:10 -03:00
parent 0e937b5367
commit e18f38af3c
5 changed files with 26 additions and 9 deletions
--- a/go.mod
+++ b/go.mod
@@ -197,7 +197,7 @@ require (
 require (
 	github.com/aquasecurity/table v1.5.1
-	github.com/aquasecurity/trivy-kubernetes v0.2.2
+	github.com/aquasecurity/trivy-kubernetes v0.2.3-0.20220523142917-375e14b1a7c8
 )
 require (
--- a/go.sum
+++ b/go.sum
@@ -197,8 +197,8 @@ github.com/aquasecurity/table v1.5.1/go.mod h1:1MFKrEPJ8NchM917BrVGvsqoXJo1OL1Ja
 github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516 h1:moQmzbpLo5dxHQCyEhqzizsDSNrNhn/7uRTCZzo4A1o=
 github.com/aquasecurity/trivy-db v0.0.0-20220510190819-8ca06716f46e h1:NLm5KWGcnkwaUR1GODPePyhNsbuFiT6lgKYcCcW9c10=
 github.com/aquasecurity/trivy-db v0.0.0-20220510190819-8ca06716f46e/go.mod h1:/nULgnDeq/JMPMVwE1dmf4kWlYn++7VrM3O2naj4BHA=
-github.com/aquasecurity/trivy-kubernetes v0.2.2 h1:j7jdALJ+NuuRm/q2s60eH1FfvFfvheEtPgfmSArU7Ww=
+github.com/aquasecurity/trivy-kubernetes v0.2.3-0.20220523142917-375e14b1a7c8 h1:y9Lw1s3SeGrC9uk1MAWc60FwXX2UrIOBpVwEkf5SJ8w=
-github.com/aquasecurity/trivy-kubernetes v0.2.2/go.mod h1:+AIWIhAXnx3YBDQPrtVNfw5C2DHQ0raehMz5Uhwt/yc=
+github.com/aquasecurity/trivy-kubernetes v0.2.3-0.20220523142917-375e14b1a7c8/go.mod h1:+AIWIhAXnx3YBDQPrtVNfw5C2DHQ0raehMz5Uhwt/yc=
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
--- a/pkg/commands/app.go
+++ b/pkg/commands/app.go
@@ -218,6 +218,14 @@ var (
 		EnvVars: []string{"TRIVY_K8S_NAMESPACE"},
 	}
 	contextFlag = cli.StringFlag{
 		Name:    "context",
 		Aliases: []string{"ctx"},
 		Value:   "",
 		Usage:   "specify a context to scan",
 		EnvVars: []string{"TRIVY_K8S_CONTEXT"},
 	}
 	reportFlag = cli.StringFlag{
 		Name:  "report",
 		Value: "all",
@@ -829,6 +837,7 @@ func NewK8sCommand() *cli.Command {
 `,
 		Action: k8s.Run,
 		Flags: []cli.Flag{
 			&contextFlag,
 			&namespaceFlag,
 			&reportFlag,
 			&formatFlag,
--- a/pkg/commands/option/kubernetes.go
+++ b/pkg/commands/option/kubernetes.go
@@ -6,14 +6,16 @@ import (
 // KubernetesOption holds the options for Kubernetes scanning
 type KubernetesOption struct {
-	Namespace    string
+	ClusterContext string
-	ReportFormat string
+	Namespace      string
 	ReportFormat   string
 }
 // NewKubernetesOption is the factory method to return Kubernetes options
 func NewKubernetesOption(c *cli.Context) KubernetesOption {
 	return KubernetesOption{
-		Namespace:    c.String("namespace"),
+		ClusterContext: c.String("context"),
-		ReportFormat: c.String("report"),
+		Namespace:      c.String("namespace"),
 		ReportFormat:   c.String("report"),
 	}
 }
--- a/pkg/k8s/run.go
+++ b/pkg/k8s/run.go
@@ -69,7 +69,7 @@ func Run(cliCtx *cli.Context) error {
 		}
 	}()
-	cluster, err := k8s.GetCluster()
+	cluster, err := k8s.GetCluster(opt.KubernetesOption.ClusterContext)
 	if err != nil {
 		return xerrors.Errorf("get k8s cluster: %w", err)
 	}
@@ -80,8 +80,14 @@ func Run(cliCtx *cli.Context) error {
 		return xerrors.Errorf("get k8s artifacts error: %w", err)
 	}
 	currentContext := opt.KubernetesOption.ClusterContext
 	if len(currentContext) == 0 {
 		// if context is empty, the default one was scanned
 		currentContext = cluster.GetCurrentContext()
 	}
 	s := &scanner{
-		cluster: cluster.GetCurrentContext(),
+		cluster: currentContext,
 		runner:  runner,
 		opt:     opt,
 	}