Skip to content
This repository has been archived by the owner on Sep 20, 2024. It is now read-only.

Commit

Permalink
Set up development environment with Skaffold (#393)
Browse files Browse the repository at this point in the history
* add submodule

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* remove vagrant files

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* add skaffold

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* update docs

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: mention Podman

Signed-off-by: knqyf263 <knqyf263@gmail.com>

---------

Signed-off-by: knqyf263 <knqyf263@gmail.com>
  • Loading branch information
knqyf263 authored Nov 15, 2023
1 parent 40dcef9 commit a7b601e
Show file tree
Hide file tree
Showing 11 changed files with 102 additions and 226 deletions.
3 changes: 3 additions & 0 deletions .gitmodules
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[submodule "harbor-helm"]
path = harbor-helm
url = https://github.com/goharbor/harbor-helm.git
45 changes: 32 additions & 13 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,38 +17,57 @@

1. Install Go.

The project requires [Go 1.17][go-download] or later. We also assume that you're familiar with
The project requires [Go 1.21][go-download] or later. We also assume that you're familiar with
Go's [GOPATH workspace][go-code] convention, and have the appropriate environment variables set.
2. Install Docker, Docker Compose, and Make.
2. Install Docker, Make, and Skaffold.
3. Get the source code.
```
git clone https://github.com/aquasecurity/harbor-scanner-trivy.git
cd harbor-scanner-trivy
```

**NOTE**: Podman is [not supported](https://github.com/GoogleContainerTools/skaffold/issues/8430) by Skaffold.

## Setup Development Environment with Vagrant
## Set up Development Environment with Kubernetes

1. Get the source code.
```
git clone https://github.com/aquasecurity/harbor-scanner-trivy.git
git clone --recursive https://github.com/aquasecurity/harbor-scanner-trivy.git
cd harbor-scanner-trivy
```
2. Create and configure a guest development machine, which is based on Ubuntu 20.4 LTS and has Go, Docker, Docker Compose,
Make, and Harbor v2.5.1 preinstalled. Harbor is installed in the `/opt/harbor` directory.
2. Launch a Kubernetes cluster

We recommend setting up a Kubernetes cluster with:

- [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)
- [minikube](https://minikube.sigs.k8s.io/docs/start/)
- [Docker Desktop](https://docs.docker.com/desktop/)
- [Rancher Desktop](https://docs.rancherdesktop.io/ui/preferences/kubernetes/)

However, you can use any Kubernetes cluster you want.

In case of kind, you can use the following command to create a cluster:
```
vagrant up
kind create cluster --name harbor-scanner-trivy
```
If everything goes well Harbor will be accessible at http://localhost:8181 (admin/Harbor12345).

To SSH into a running Vagrant machine.
3. Run Skaffold

The following command will build the image and deploy Harbor with the scanner adapter to the Kubernetes cluster:
```
vagrant ssh
make dev
```
The `/vagrant` directory in the development machine is shared between host and guest. This, for example, allows you
to rebuild a container image for testing.

4. Access Harbor UI

After the Harbor chart is deployed, you can access `https://core.harbor.domain`.
It depends on how you configure the Kubernetes cluster, but you may need to add a host entry to `/etc/hosts` file.

```
vagrant@ubuntu-focal:/vagrant$ make docker-build
echo "127.0.0.1\tcore.harbor.domain" | sudo tee -a /etc/hosts
```

username: admin, password: Harbor12345

## Build Binaries

Expand Down
33 changes: 33 additions & 0 deletions Dockerfile.dev
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# That's the only place where you're supposed to specify version of Trivy.
ARG TRIVY_VERSION=0.46.0
ARG SKAFFOLD_GO_GCFLAGS

FROM golang:1.21-alpine AS builder

WORKDIR /go/src/github.com/aquasecurity/harbor-scanner-trivy

# Download Go dependencies first
COPY go.mod go.sum ./
RUN go mod download

# Copy the entire project and build it.
COPY cmd/ ./cmd
COPY pkg/ ./pkg
RUN CGO_ENABLED=0 go build -gcflags="${SKAFFOLD_GO_GCFLAGS}" -o scanner-trivy cmd/scanner-trivy/main.go

FROM aquasec/trivy:${TRIVY_VERSION}

ENV GOTRACEBACK=all

# An ARG declared before a FROM is outside of a build stage, so it can't be used in any
# instruction after a FROM. To use the default value of an ARG declared before the first
# FROM use an ARG instruction without a value inside of a build stage.
ARG TRIVY_VERSION

RUN adduser -u 10000 -D -g '' scanner scanner

COPY --from=builder /go/src/github.com/aquasecurity/harbor-scanner-trivy/scanner-trivy /home/scanner/bin/scanner-trivy

ENV TRIVY_VERSION=${TRIVY_VERSION}

ENTRYPOINT ["/home/scanner/bin/scanner-trivy"]
14 changes: 11 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,13 @@ BINARY := scanner-trivy
IMAGE_TAG := dev
IMAGE := aquasec/harbor-scanner-trivy:$(IMAGE_TAG)

.PHONY: build test test-integration test-component docker-build setup dev debug run

build: $(BINARY)

test: build
GO111MODULE=on go test -v -short -race -coverprofile=coverage.txt -covermode=atomic ./...

.PHONY: test-integration
test-integration: build
GO111MODULE=on go test -count=1 -v -tags=integration ./test/integration/...

Expand All @@ -26,11 +27,18 @@ docker-build: build
lint:
./bin/golangci-lint --build-tags component,integration run -v

.PHONY: setup
setup:
curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s v1.21.0

.PHONY: run
submodule:
git submodule update --init --recursive

dev:
skaffold dev --tolerate-failures-until-deadline=true

debug:
skaffold debug --tolerate-failures-until-deadline=true

run: export SCANNER_TRIVY_CACHE_DIR = $(TMPDIR)harbor-scanner-trivy/.cache/trivy
run: export SCANNER_TRIVY_REPORTS_DIR=$(TMPDIR)harbor-scanner-trivy/.cache/reports
run: export SCANNER_LOG_LEVEL=debug
Expand Down
1 change: 1 addition & 0 deletions harbor-helm
Submodule harbor-helm added at fd3a4b
22 changes: 22 additions & 0 deletions skaffold.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
apiVersion: skaffold/v4beta7
kind: Config
metadata:
name: harbor-scanner-trivy
build:
local:
push: false # Use kind, minikube, Docker Desktop, Rancher Desktop, etc.
useDockerCLI: true
artifacts:
- image: aquasecurity/harbor-scanner-trivy
docker:
dockerfile: Dockerfile.dev
deploy:
helm:
releases:
- name: my-harbor
chartPath: ./harbor-helm # remoteChart doesn't work for some reason
valuesFiles:
- ./harbor-helm/values.yaml
setValueTemplates:
trivy.image.repository: "{{.IMAGE_REPO_aquasecurity_harbor_scanner_trivy}}"
trivy.image.tag: "{{.IMAGE_TAG_aquasecurity_harbor_scanner_trivy}}"
115 changes: 0 additions & 115 deletions vagrant/harbor.yml

This file was deleted.

35 changes: 0 additions & 35 deletions vagrant/install-docker.sh

This file was deleted.

9 changes: 0 additions & 9 deletions vagrant/install-go.sh

This file was deleted.

36 changes: 0 additions & 36 deletions vagrant/install-harbor.sh

This file was deleted.

15 changes: 0 additions & 15 deletions vagrant/push-images.sh

This file was deleted.

0 comments on commit a7b601e

Please sign in to comment.