Merge pull request #341 from intelops/schedulechange

Scheduler change for trivy

agent/config/config.go

@@ -8,16 +8,18 @@ import (
 )
 
 type AgentConfigurations struct {
-	SANamespace            string `envconfig:"SA_NAMESPACE" default:"default"`
-	SAName                 string `envconfig:"SA_NAME" default:"default"`
-	OutdatedInterval       string `envconfig:"OUTDATED_INTERVAL" default:"0"`
-	GetAllInterval         string `envconfig:"GETALL_INTERVAL" default:"*/30 * * * *"`
-	KubeScoreInterval      string `envconfig:"KUBESCORE_INTERVAL" default:"*/40 * * * *"`
-	RakkessInterval        string `envconfig:"RAKKESS_INTERVAL" default:"*/50 * * * *"`
-	KubePreUpgradeInterval string `envconfig:"KUBEPREUPGRADE_INTERVAL" default:"*/60 * * * *"`
-	TrivyInterval          string `envconfig:"TRIVY_INTERVAL" default:"*/10 * * * *"`
-	SchedulerEnable        bool   `envconfig:"SCHEDULER_ENABLE" default:"true"`
-	KuberHealthyEnable     bool   `envconfig:"KUBERHEALTHY_ENABLE" default:"true"`
+	SANamespace              string `envconfig:"SA_NAMESPACE" default:"default"`
+	SAName                   string `envconfig:"SA_NAME" default:"default"`
+	OutdatedInterval         string `envconfig:"OUTDATED_INTERVAL" default:"0"`
+	GetAllInterval           string `envconfig:"GETALL_INTERVAL" default:"*/30 * * * *"`
+	KubeScoreInterval        string `envconfig:"KUBESCORE_INTERVAL" default:"*/40 * * * *"`
+	RakkessInterval          string `envconfig:"RAKKESS_INTERVAL" default:"*/50 * * * *"`
+	KubePreUpgradeInterval   string `envconfig:"KUBEPREUPGRADE_INTERVAL" default:"*/60 * * * *"`
+	TrivyImageInterval       string `envconfig:"TRIVY_IMAGE_INTERVAL" default:"*/10 * * * *"`
+	TrivySbomInterval        string `envconfig:"TRIVY_SBOM_INTERVAL" default:"*/20 * * * *"`
+	TrivyClusterScanInterval string `envconfig:"TRIVY_CLUSTERSCAN_INTERVAL" default:"*/35 * * * *"`
+	SchedulerEnable          bool   `envconfig:"SCHEDULER_ENABLE" default:"true"`
+	KuberHealthyEnable       bool   `envconfig:"KUBERHEALTHY_ENABLE" default:"true"`
 }
 
 func GetAgentConfigurations() (serviceConf *AgentConfigurations, err error) {

agent/kubviz/k8smetrics_agent.go

@@ -154,9 +154,7 @@ func main() {
 		err = kubescore.RunKubeScore(clientset, js)
 		events.LogErr(err)
 	}
-
 	collectAndPublishMetrics()
-
 	if cfg.SchedulerEnable { // Assuming "cfg.Schedule" is a boolean indicating whether to schedule or not.
 		scheduler := scheduler.InitScheduler(config, js, *cfg, clientset)
 

agent/kubviz/scheduler/scheduler.go

@@ -144,12 +144,32 @@ func InitScheduler(config *rest.Config, js nats.JetStreamContext, cfg config.Age
 			log.Fatal("failed to do job", err)
 		}
 	}
-	if cfg.TrivyInterval != "" && cfg.TrivyInterval != "0" {
-		sj, err := NewTrivyJob(config, js, cfg.TrivyInterval)
+	if cfg.TrivyImageInterval != "" && cfg.TrivyImageInterval != "0" {
+		sj, err := NewTrivyImagesJob(config, js, cfg.TrivyImageInterval)
 		if err != nil {
 			log.Fatal("no time interval", err)
 		}
-		err = s.AddJob("Trivy", sj)
+		err = s.AddJob("Trivyimage", sj)
+		if err != nil {
+			log.Fatal("failed to do job", err)
+		}
+	}
+	if cfg.TrivySbomInterval != "" && cfg.TrivySbomInterval != "0" {
+		sj, err := NewTrivySbomJob(config, js, cfg.TrivySbomInterval)
+		if err != nil {
+			log.Fatal("no time interval", err)
+		}
+		err = s.AddJob("Trivysbom", sj)
+		if err != nil {
+			log.Fatal("failed to do job", err)
+		}
+	}
+	if cfg.TrivyClusterScanInterval != "" && cfg.TrivyClusterScanInterval != "0" {
+		sj, err := NewTrivyClusterScanJob(js, cfg.TrivyClusterScanInterval)
+		if err != nil {
+			log.Fatal("no time interval", err)
+		}
+		err = s.AddJob("Trivycluster", sj)
 		if err != nil {
 			log.Fatal("failed to do job", err)
 		}

agent/kubviz/scheduler/scheduler_watch.go

@@ -25,11 +25,21 @@ type KetallJob struct {
 	js        nats.JetStreamContext
 	frequency string
 }
-type TrivyJob struct {
+type TrivyImageJob struct {
 	config    *rest.Config
 	js        nats.JetStreamContext
 	frequency string
 }
+type TrivySbomJob struct {
+	config    *rest.Config
+	js        nats.JetStreamContext
+	frequency string
+}
+type TrivyClusterScanJob struct {
+	//config    *rest.Config
+	js        nats.JetStreamContext
+	frequency string
+}
 type RakkessJob struct {
 	config    *rest.Config
 	js        nats.JetStreamContext
@@ -46,6 +56,55 @@ type KubescoreJob struct {
 	frequency string
 }
 
+func NewTrivySbomJob(config *rest.Config, js nats.JetStreamContext, frequency string) (*TrivySbomJob, error) {
+	return &TrivySbomJob{
+		config:    config,
+		js:        js,
+		frequency: frequency,
+	}, nil
+}
+func (v *TrivySbomJob) CronSpec() string {
+	return v.frequency
+}
+
+func (j *TrivySbomJob) Run() {
+	// Call the outDatedImages function with the provided config and js
+	err := trivy.RunTrivySbomScan(j.config, j.js)
+	events.LogErr(err)
+}
+
+func NewTrivyClusterScanJob(js nats.JetStreamContext, frequency string) (*TrivyClusterScanJob, error) {
+	return &TrivyClusterScanJob{
+		// config:    config,
+		js:        js,
+		frequency: frequency,
+	}, nil
+}
+func (v *TrivyClusterScanJob) CronSpec() string {
+	return v.frequency
+}
+
+func (j *TrivyClusterScanJob) Run() {
+	// Call the outDatedImages function with the provided config and js
+	err := trivy.RunTrivyK8sClusterScan(j.js)
+	events.LogErr(err)
+}
+func NewTrivyImagesJob(config *rest.Config, js nats.JetStreamContext, frequency string) (*TrivyImageJob, error) {
+	return &TrivyImageJob{
+		config:    config,
+		js:        js,
+		frequency: frequency,
+	}, nil
+}
+func (v *TrivyImageJob) CronSpec() string {
+	return v.frequency
+}
+
+func (j *TrivyImageJob) Run() {
+	// Call the outDatedImages function with the provided config and js
+	err := trivy.RunTrivyImageScans(j.config, j.js)
+	events.LogErr(err)
+}
 func NewOutDatedImagesJob(config *rest.Config, js nats.JetStreamContext, frequency string) (*OutDatedImagesJob, error) {
 	return &OutDatedImagesJob{
 		config:    config,
@@ -128,23 +187,3 @@ func (j *RakkessJob) Run() {
 	err := rakkess.RakeesOutput(j.config, j.js)
 	events.LogErr(err)
 }
-func NewTrivyJob(config *rest.Config, js nats.JetStreamContext, frequency string) (*TrivyJob, error) {
-	return &TrivyJob{
-		config:    config,
-		js:        js,
-		frequency: frequency,
-	}, nil
-}
-func (v *TrivyJob) CronSpec() string {
-	return v.frequency
-}
-
-func (j *TrivyJob) Run() {
-	// Call the Trivy function with the provided config and js
-	err := trivy.RunTrivySbomScan(j.config, j.js)
-	events.LogErr(err)
-	err = trivy.RunTrivyImageScans(j.config, j.js)
-	events.LogErr(err)
-	err = trivy.RunTrivyK8sClusterScan(j.js)
-	events.LogErr(err)
-}

charts/agent/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.1.15
+version: 1.1.16
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/agent/templates/deployment.yaml

@@ -79,8 +79,12 @@ spec:
             value: "{{ .Values.schedule.rakkessInterval }}"
           - name: KUBEPREUPGRADE_INTERVAL
             value: "{{ .Values.schedule.kubepreupgradeInterval }}"
-          - name: TRIVY_INTERVAL
-            value: "{{ .Values.schedule.trivyInterval }}"
+          - name: TRIVY_IMAGE_INTERVAL
+            value: "{{ .Values.schedule.trivyimageInterval }}"
+          - name: TRIVY_SBOM_INTERVAL
+            value: "{{ .Values.schedule.trivysbomInterval }}"
+          - name: TRIVY_CLUSTERSCAN_INTERVAL
+            value: "{{ .Values.schedule.trivyclusterscanInterval }}"
           - name: IS_OPTEL_ENABLED
             value: "{{ .Values.opentelemetry.isEnabled }}"
           - name : OPTEL_URL

charts/agent/values.yaml

@@ -184,7 +184,9 @@ schedule:
   kubescoreInterval: "@every 20h"
   rakkessInterval: "@every 21h"
   kubepreupgradeInterval: "@every 22h"
-  trivyInterval: "@every 24h"
+  trivyimageInterval: "@every 24h"
+  trivysbomInterval: "@every 16h"
+  trivyclusterscanInterval: "@every 17h"
 
 kuberhealthy:
   enabled: true