From ca43188adf37a2aade9823d27917a6ce1e9c987f Mon Sep 17 00:00:00 2001
From: Elia el Lazkani <elia@lazkani.io>
Date: Tue, 4 Jul 2023 21:51:49 +0200
Subject: [PATCH] chore(): Adds new attach scan report script

---
 scripts/attach-scan-report | 31 +++++++++++++++++++++++++++++++
 scripts/get-scan-report    |  2 +-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100755 scripts/attach-scan-report

diff --git a/scripts/attach-scan-report b/scripts/attach-scan-report
new file mode 100755
index 0000000..c2989d9
--- /dev/null
+++ b/scripts/attach-scan-report
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+set -xe
+
+TIMESTAMP=$(date "+%F %T %Z")
+
+image="$@"
+printf "Set image to $image...\n"
+
+extra_vars=""
+
+if [ ! -z $REGISTRY_USERNAME ]; then
+    printf "Found registry username...\n"
+    extra_vars="$extra_vars --username $REGISTRY_USERNAME"
+fi
+
+if [ ! -z $REGISTRY_PASSWORD ]; then
+    printf "Found registry password\n"
+    extra_vars="$extra_vars --password $REGISTRY_PASSWORD"
+fi
+
+extra_vars="$extra_vars -a \"org.opencontainers.trivy.created=$TIMESTAMP\" -a \"org.opencontainers.trivy.status=Passed\" -a \"org.opencontainers.trivy.tag=${DRONE_COMMIT_SHA:0:8}\""
+
+printf "Checking for result file...\n"
+if [ -e result.json ]; then
+    printf "Result file found, attaching it to container...\n"
+    oras attach $extra_vars --artifact-type=application/json $image "result.json"
+else
+    printf "Result file not found !\n"
+    exit 1
+fi
diff --git a/scripts/get-scan-report b/scripts/get-scan-report
index 6bb7f3c..e21f616 100755
--- a/scripts/get-scan-report
+++ b/scripts/get-scan-report
@@ -21,7 +21,7 @@ fi
 
 if [ ! -z REGISTRY_PASSWORD ]; then
     printf "Found registry password\n"
-    extra_vars="$extra_vars --password $REGISTRY_PASSWORD "
+    extra_vars="$extra_vars --password $REGISTRY_PASSWORD"
 fi