chore(): Enhances the capabilities of Tricks

- Adds quick scan capability for scanning without pushing the image
- Automates pulling Oras' latest version

Dockerfile

@@ -1,11 +1,10 @@
 FROM python:alpine
 MAINTAINER Elia El Lazkani <git@lazkani.io>
 
-ARG ORAS_VERSION="1.0.0"
-
 COPY scripts/* /usr/local/bin/
 
 RUN apk add --virtual .build-deps curl && \
+    export ORAS_VERSION=$(wget -qO - "https://api.github.com/repos/oras-project/oras/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') && \
     curl -LO "https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz" && \
     mkdir -p oras-install/ && \
     tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \

scripts/quick-scan

@@ -0,0 +1,18 @@
+#!/usr/bin/env python
+import sys
+from args import argument_parse
+from trivy import Trivy
+
+def main():
+
+    args = argument_parse()
+
+    trivy = Trivy(args.image, args.tag)
+    scan = trivy.full_scan(image_src="remote", generate_report=False)
+    if not scan:
+        sys.exit(1)
+    print("Full scan successful...")
+
+
+if __name__ == '__main__':
+    main()

scripts/trivy.py

@@ -57,7 +57,7 @@ class Trivy:
             return self.error()
         return self.success()
 
-    def full_scan(self, image_src: str = None):
+    def full_scan(self, image_src: str = None, generate_report: bool = True):
         severity_check, sc_return_code = self.scan_critical_severity(image_src=image_src)
         full_report, _ = self.full_report(image_src=image_src)
 
@@ -69,6 +69,9 @@ class Trivy:
             return self.error()
         print("Passed security check scan...")
 
+        if not generate_report:
+            return self.success()
+
         _, _ = self.generate_cdx_report(image_src=image_src)
 
         result = self.get_result()