Merge pull request #301 from intelops/clustername-bom

clustername

agent/kubviz/trivy_sbom.go

@@ -17,9 +17,15 @@ import (
 )
 
 func publishTrivySbomReport(report cyclonedx.BOM, js nats.JetStreamContext) error {
+
+	for _,packageinfo :=range report.Packages {
+		for _, pkg := range packageinfo.Packages {
+
 	metrics := model.SbomData{
 		ID:               uuid.New().String(),
+		ClusterName: 	ClusterName,
 		ComponentName:    report.CycloneDX.Metadata.Component.Name,
+		PackageName: 	pkg.Name,
 		PackageUrl:       report.CycloneDX.Metadata.Component.PackageURL,
 		BomRef:           report.CycloneDX.Metadata.Component.BOMRef,
 		SerialNumber:     report.CycloneDX.SerialNumber,
@@ -35,8 +41,9 @@ func publishTrivySbomReport(report cyclonedx.BOM, js nats.JetStreamContext) erro
 	if err != nil {
 		return err
 	}
-
 	log.Printf("Trivy sbom report with Id %v has been published\n", metrics.ID)
+}
+}
 	return nil
 }
 

client/pkg/clickhouse/db_client.go

@@ -699,7 +699,9 @@ func (c *DBClient) InsertTrivySbomMetrics(metrics model.SbomData) {
 
 		if _, err := stmt.Exec(
 			metrics.ID,
+			metrics.ClusterName,
 			metrics.ComponentName,
+			metrics.PackageName,
 			metrics.PackageUrl,
 			metrics.BomRef,
 			metrics.SerialNumber,

client/pkg/clickhouse/statements.go

@@ -205,7 +205,9 @@ const quayContainerPushEventTable DBStatement = `
 const trivySbomTable DBStatement = `
 	CREATE TABLE IF NOT EXISTS trivysbom (
 		id UUID,
+		cluster_name String,
 		image_name String,
+		package_name String,
 		package_url String,
 		bom_ref String,
 		serial_number  String,
@@ -228,6 +230,6 @@ const InsertTrivyVul string = "INSERT INTO trivy_vul (id, cluster_name, namespac
 const InsertTrivyImage string = "INSERT INTO trivyimage (id, cluster_name, artifact_name, vul_id,  vul_pkg_id, vul_pkg_name,  vul_installed_version, vul_fixed_version, vul_title, vul_severity, vul_published_date, vul_last_modified_date) VALUES ( ?, ?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertTrivyMisconfig string = "INSERT INTO trivy_misconfig (id, cluster_name, namespace, kind, name, misconfig_id, misconfig_avdid, misconfig_type, misconfig_title, misconfig_desc, misconfig_msg, misconfig_query, misconfig_resolution, misconfig_severity, misconfig_status, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertAzureContainerPushEvent DBStatement = "INSERT INTO azurecontainerpush (RegistryURL, RepositoryName, Tag, ImageName, Event, Size, SHAID, EventTime) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?)"
-const InsertTrivySbom string = "INSERT INTO trivysbom (id, image_name, package_url, bom_ref, serial_number, version, bom_format) VALUES (?, ?, ?, ?, ?, ?, ?)"
+const InsertTrivySbom string = "INSERT INTO trivysbom (id, cluster_name, image_name, package_name, package_url, bom_ref, serial_number, version, bom_format) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertQuayContainerPushEvent DBStatement = "INSERT INTO quaycontainerpush (name, repository, nameSpace, dockerURL, homePage, tag, Event, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"
 const InsertJfrogContainerPushEvent DBStatement = "INSERT INTO jfrogcontainerpush (Domain, EventType, RegistryURL, RepositoryName, SHAID, Size, ImageName, Tag, Event, EventTime) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"

model/trivy_sbom.go

@@ -11,7 +11,9 @@ type Sbom struct {
 
 type SbomData struct {
 	ID               string
+	ClusterName string
 	ComponentName    string
+	PackageName string
 	PackageUrl       string
 	BomRef           string
 	SerialNumber     string

sql/0000015_trivysbom.up.sql

@@ -1,6 +1,8 @@
 CREATE TABLE IF NOT EXISTS trivysbom (
 	id                    UUID,
+	cluster_name String,
 	image_name            String,
+	package_name String,
 	package_url           String,
 	bom_ref 			  String,
 	serial_number         String,