feat: removal of trivy integration

Signed-off-by: AlexsJones <alexsimonjones@gmail.com>

.release-please-manifest.json

@@ -1 +1 @@
-{".":"0.3.49"}
+{".":"0.3.50"}

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## [0.3.50](https://github.com/k8sgpt-ai/k8sgpt/compare/v0.3.49...v0.3.50) (2025-02-24)
+
+
+### Features
+
+* rework to how bedrock data models are structured and accessed ([#1369](https://github.com/k8sgpt-ai/k8sgpt/issues/1369)) ([7dadea2](https://github.com/k8sgpt-ai/k8sgpt/commit/7dadea257007df64148f1e47f7960d1d30df67b2))
+
 ## [0.3.49](https://github.com/k8sgpt-ai/k8sgpt/compare/v0.3.48...v0.3.49) (2025-02-20)
 
 

README.md

@@ -49,7 +49,7 @@ brew install k8sgpt
   <!---x-release-please-start-version-->
 
   ```
-  sudo rpm -ivh https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_386.rpm
+  sudo rpm -ivh https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_386.rpm
   ```
   <!---x-release-please-end-->
 
@@ -57,7 +57,7 @@ brew install k8sgpt
 
   <!---x-release-please-start-version-->
   ```
-  sudo rpm -ivh https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_amd64.rpm
+  sudo rpm -ivh https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_amd64.rpm
   ```
   <!---x-release-please-end-->
 </details>
@@ -70,7 +70,7 @@ brew install k8sgpt
   <!---x-release-please-start-version-->
 
 ```
-curl -LO https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_386.deb
+curl -LO https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_386.deb
 sudo dpkg -i k8sgpt_386.deb
 ```
 
@@ -81,7 +81,7 @@ sudo dpkg -i k8sgpt_386.deb
   <!---x-release-please-start-version-->
 
 ```
-curl -LO https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_amd64.deb
+curl -LO https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_amd64.deb
 sudo dpkg -i k8sgpt_amd64.deb
 ```
 
@@ -96,7 +96,7 @@ sudo dpkg -i k8sgpt_amd64.deb
 
   <!---x-release-please-start-version-->
   ```
-  wget https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_386.apk
+  wget https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_386.apk
   apk add --allow-untrusted k8sgpt_386.apk
   ```
   <!---x-release-please-end-->
@@ -105,7 +105,7 @@ sudo dpkg -i k8sgpt_amd64.deb
 
   <!---x-release-please-start-version-->
   ```
-  wget https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.49/k8sgpt_amd64.apk
+  wget https://github.com/k8sgpt-ai/k8sgpt/releases/download/v0.3.50/k8sgpt_amd64.apk
   apk add --allow-untrusted k8sgpt_amd64.apk
   ```
   <!---x-release-please-end-->

cmd/integration/deactivate.go

@@ -24,7 +24,7 @@ var deactivateCmd = &cobra.Command{
 	Use:   "deactivate [integration]",
 	Short: "Deactivate an integration",
 	Args:  cobra.ExactArgs(1),
-	Long:  `For example e.g. k8sgpt integration deactivate trivy`,
+	Long:  `For example e.g. k8sgpt integration deactivate prometheus`,
 	Run: func(cmd *cobra.Command, args []string) {
 		integrationName := args[0]
 

go.mod

@@ -85,7 +85,11 @@ require (
 	github.com/apparentlymart/go-cidr v1.1.0 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d // indirect
+	github.com/aquasecurity/table v1.8.0 // indirect
+	github.com/aquasecurity/tml v0.6.1 // indirect
+	github.com/aquasecurity/trivy v0.53.0 // indirect
 	github.com/aquasecurity/trivy-checks v0.13.0 // indirect
+	github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce // indirect
 	github.com/aws/aws-sdk-go-v2 v1.32.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.55.1 // indirect
 	github.com/aws/smithy-go v1.22.0 // indirect
@@ -203,10 +207,6 @@ require (
 	github.com/Masterminds/semver/v3 v3.3.0 // indirect
 	github.com/Masterminds/sprig/v3 v3.3.0 // indirect
 	github.com/Masterminds/squirrel v1.5.4 // indirect
-	github.com/aquasecurity/table v1.8.0 // indirect
-	github.com/aquasecurity/tml v0.6.1 // indirect
-	github.com/aquasecurity/trivy v0.53.0 // indirect
-	github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect

pkg/ai/amazonbedrock.go

@@ -2,8 +2,8 @@ package ai
 
 import (
 	"context"
-	"encoding/json"
-	"fmt"
+	"errors"
+	"github.com/k8sgpt-ai/k8sgpt/pkg/ai/bedrock_support"
 	"os"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -13,18 +13,18 @@ import (
 
 const amazonbedrockAIClientName = "amazonbedrock"
 
-// AmazonBedRockClient represents the client for interacting with the Amazon Bedrock service.
+// AmazonBedRockClient represents the client for interacting with the AmazonCompletion Bedrock service.
 type AmazonBedRockClient struct {
 	nopCloser
 
 	client      *bedrockruntime.BedrockRuntime
-	model       string
+	model       *bedrock_support.BedrockModel
 	temperature float32
 	topP        float32
 	maxTokens   int
 }
 
-// Amazon BedRock support region list US East (N. Virginia),US West (Oregon),Asia Pacific (Singapore),Asia Pacific (Tokyo),Europe (Frankfurt)
+// AmazonCompletion BedRock support region list US East (N. Virginia),US West (Oregon),Asia Pacific (Singapore),Asia Pacific (Tokyo),Europe (Frankfurt)
 // https://docs.aws.amazon.com/bedrock/latest/userguide/what-is-bedrock.html#bedrock-regions
 const BEDROCK_DEFAULT_REGION = "us-east-1" // default use us-east-1 region
 
@@ -44,41 +44,109 @@ var BEDROCKER_SUPPORTED_REGION = []string{
 	EU_Central_1,
 }
 
-const (
-	ModelAnthropicClaudeSonnetV3_5    = "anthropic.claude-3-5-sonnet-20240620-v1:0"
-	ModelAnthropicClaudeSonnetV3_5_V2 = "us.anthropic.claude-3-5-sonnet-20241022-v2:0"
-	ModelAnthropicClaudeV2            = "anthropic.claude-v2"
-	ModelAnthropicClaudeV1            = "anthropic.claude-v1"
-	ModelAnthropicClaudeInstantV1     = "anthropic.claude-instant-v1"
-	ModelA21J2UltraV1                 = "ai21.j2-ultra-v1"
-	ModelA21J2JumboInstruct           = "ai21.j2-jumbo-instruct"
-	ModelAmazonTitanExpressV1         = "amazon.titan-text-express-v1"
-)
-
-var BEDROCK_MODELS = []string{
-	ModelAnthropicClaudeV2,
-	ModelAnthropicClaudeV1,
-	ModelAnthropicClaudeInstantV1,
-	ModelA21J2UltraV1,
-	ModelA21J2JumboInstruct,
-	ModelAmazonTitanExpressV1,
-}
-
-//const TOPP = 0.9 moved to config
-
-// GetModelOrDefault check config model
-func GetModelOrDefault(model string) string {
-
-	// Check if the provided model is in the list
-	for _, m := range BEDROCK_MODELS {
-		if m == model {
-			return model // Return the provided model
-		}
+var (
+	models = []bedrock_support.BedrockModel{
+		{
+			Name:       "anthropic.claude-3-5-sonnet-20240620-v1:0",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "us.anthropic.claude-3-5-sonnet-20241022-v2:0",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "us.anthropic.claude-3-5-sonnet-20241022-v2:0",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "anthropic.claude-v2",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "anthropic.claude-v1",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "anthropic.claude-instant-v1",
+			Completion: &bedrock_support.CohereCompletion{},
+			Response:   &bedrock_support.CohereResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "ai21.j2-ultra-v1",
+			Completion: &bedrock_support.AI21{},
+			Response:   &bedrock_support.AI21Response{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "ai21.j2-jumbo-instruct",
+			Completion: &bedrock_support.AI21{},
+			Response:   &bedrock_support.AI21Response{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
+		{
+			Name:       "amazon.titan-text-express-v1",
+			Completion: &bedrock_support.AmazonCompletion{},
+			Response:   &bedrock_support.AmazonResponse{},
+			Config: bedrock_support.BedrockModelConfig{
+				// sensible defaults
+				MaxTokens:   100,
+				Temperature: 0.5,
+				TopP:        0.9,
+			},
+		},
 	}
-
-	// Return the default model if the provided model is not in the list
-	return BEDROCK_MODELS[0]
-}
+)
 
 // GetModelOrDefault check config region
 func GetRegionOrDefault(region string) string {
@@ -97,6 +165,16 @@ func GetRegionOrDefault(region string) string {
 	return BEDROCK_DEFAULT_REGION
 }
 
+// Get model from string
+func (a *AmazonBedRockClient) getModelFromString(model string) (*bedrock_support.BedrockModel, error) {
+	for _, m := range models {
+		if model == m.Name {
+			return &m, nil
+		}
+	}
+	return nil, errors.New("model not found")
+}
+
 // Configure configures the AmazonBedRockClient with the provided configuration.
 func (a *AmazonBedRockClient) Configure(config IAIConfig) error {
 
@@ -111,9 +189,15 @@ func (a *AmazonBedRockClient) Configure(config IAIConfig) error {
 		return err
 	}
 
+	foundModel, err := a.getModelFromString(config.GetModel())
+	if err != nil {
+		return err
+	}
+	// TODO: Override the completion config somehow
+
 	// Create a new BedrockRuntime client
 	a.client = bedrockruntime.New(sess)
-	a.model = GetModelOrDefault(config.GetModel())
+	a.model = foundModel
 	a.temperature = config.GetTemperature()
 	a.topP = config.GetTopP()
 	a.maxTokens = config.GetMaxTokens()
@@ -124,45 +208,19 @@ func (a *AmazonBedRockClient) Configure(config IAIConfig) error {
 // GetCompletion sends a request to the model for generating completion based on the provided prompt.
 func (a *AmazonBedRockClient) GetCompletion(ctx context.Context, prompt string) (string, error) {
 
-	// Prepare the input data for the model invocation based on the model & the Response Body per model as well.
-	var request map[string]interface{}
-	switch a.model {
-	case ModelAnthropicClaudeSonnetV3_5, ModelAnthropicClaudeSonnetV3_5_V2, ModelAnthropicClaudeV2, ModelAnthropicClaudeV1, ModelAnthropicClaudeInstantV1:
-		request = map[string]interface{}{
-			"prompt":               fmt.Sprintf("\n\nHuman: %s  \n\nAssistant:", prompt),
-			"max_tokens_to_sample": a.maxTokens,
-			"temperature":          a.temperature,
-			"top_p":                a.topP,
-		}
-	case ModelA21J2UltraV1, ModelA21J2JumboInstruct:
-		request = map[string]interface{}{
-			"prompt":      prompt,
-			"maxTokens":   a.maxTokens,
-			"temperature": a.temperature,
-			"topP":        a.topP,
-		}
-	case ModelAmazonTitanExpressV1:
-		request = map[string]interface{}{
-			"inputText": fmt.Sprintf("\n\nUser: %s", prompt),
-			"textGenerationConfig": map[string]interface{}{
-				"maxTokenCount": a.maxTokens,
-				"temperature":   a.temperature,
-				"topP":          a.topP,
-			},
-		}
-	default:
-		return "", fmt.Errorf("model %s not supported", a.model)
-	}
+	// override config defaults
+	a.model.Config.MaxTokens = a.maxTokens
+	a.model.Config.Temperature = a.temperature
+	a.model.Config.TopP = a.topP
 
-	body, err := json.Marshal(request)
+	body, err := a.model.Completion.GetCompletion(ctx, prompt, a.model.Config)
 	if err != nil {
 		return "", err
 	}
-
 	// Build the parameters for the model invocation
 	params := &bedrockruntime.InvokeModelInput{
 		Body:        body,
-		ModelId:     aws.String(a.model),
+		ModelId:     aws.String(a.model.Name),
 		ContentType: aws.String("application/json"),
 		Accept:      aws.String("application/json"),
 	}
@@ -173,54 +231,9 @@ func (a *AmazonBedRockClient) GetCompletion(ctx context.Context, prompt string)
 		return "", err
 	}
 
-	// Response type changes as per model
-	switch a.model {
-	case ModelAnthropicClaudeSonnetV3_5, ModelAnthropicClaudeSonnetV3_5_V2, ModelAnthropicClaudeV2, ModelAnthropicClaudeV1, ModelAnthropicClaudeInstantV1:
-		type InvokeModelResponseBody struct {
-			Completion  string `json:"completion"`
-			Stop_reason string `json:"stop_reason"`
-		}
-		output := &InvokeModelResponseBody{}
-		err = json.Unmarshal(resp.Body, output)
-		if err != nil {
-			return "", err
-		}
-		return output.Completion, nil
-	case ModelA21J2UltraV1, ModelA21J2JumboInstruct:
-		type Data struct {
-			Text string `json:"text"`
-		}
-		type Completion struct {
-			Data Data `json:"data"`
-		}
-		type InvokeModelResponseBody struct {
-			Completions []Completion `json:"completions"`
-		}
-		output := &InvokeModelResponseBody{}
-		err = json.Unmarshal(resp.Body, output)
-		if err != nil {
-			return "", err
-		}
-		return output.Completions[0].Data.Text, nil
-	case ModelAmazonTitanExpressV1:
-		type Result struct {
-			TokenCount       int    `json:"tokenCount"`
-			OutputText       string `json:"outputText"`
-			CompletionReason string `json:"completionReason"`
-		}
-		type InvokeModelResponseBody struct {
-			InputTextTokenCount int      `json:"inputTextTokenCount"`
-			Results             []Result `json:"results"`
-		}
-		output := &InvokeModelResponseBody{}
-		err = json.Unmarshal(resp.Body, output)
-		if err != nil {
-			return "", err
-		}
-		return output.Results[0].OutputText, nil
-	default:
-		return "", fmt.Errorf("model %s not supported", a.model)
-	}
+	// Parse the response
+	return a.model.Response.ParseResponse(resp.Body)
+
 }
 
 // GetName returns the name of the AmazonBedRockClient.

pkg/ai/bedrock_support/completions.go

@@ -0,0 +1,67 @@
+package bedrock_support
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+)
+
+type ICompletion interface {
+	GetCompletion(ctx context.Context, prompt string, modelConfig BedrockModelConfig) ([]byte, error)
+}
+
+type CohereCompletion struct {
+	completion ICompletion
+}
+
+func (a *CohereCompletion) GetCompletion(ctx context.Context, prompt string, modelConfig BedrockModelConfig) ([]byte, error) {
+	request := map[string]interface{}{
+		"prompt":               fmt.Sprintf("\n\nHuman: %s  \n\nAssistant:", prompt),
+		"max_tokens_to_sample": modelConfig.MaxTokens,
+		"temperature":          modelConfig.Temperature,
+		"top_p":                modelConfig.TopP,
+	}
+	body, err := json.Marshal(request)
+	if err != nil {
+		return []byte{}, err
+	}
+	return body, nil
+}
+
+type AI21 struct {
+	completion ICompletion
+}
+
+func (a *AI21) GetCompletion(ctx context.Context, prompt string, modelConfig BedrockModelConfig) ([]byte, error) {
+	request := map[string]interface{}{
+		"prompt":      prompt,
+		"maxTokens":   modelConfig.MaxTokens,
+		"temperature": modelConfig.Temperature,
+		"topP":        modelConfig.TopP,
+	}
+	body, err := json.Marshal(request)
+	if err != nil {
+		return []byte{}, err
+	}
+	return body, nil
+}
+
+type AmazonCompletion struct {
+	completion ICompletion
+}
+
+func (a *AmazonCompletion) GetCompletion(ctx context.Context, prompt string, modelConfig BedrockModelConfig) ([]byte, error) {
+	request := map[string]interface{}{
+		"inputText": fmt.Sprintf("\n\nUser: %s", prompt),
+		"textGenerationConfig": map[string]interface{}{
+			"maxTokenCount": modelConfig.MaxTokens,
+			"temperature":   modelConfig.Temperature,
+			"topP":          modelConfig.TopP,
+		},
+	}
+	body, err := json.Marshal(request)
+	if err != nil {
+		return []byte{}, err
+	}
+	return body, nil
+}

pkg/ai/bedrock_support/model.go

@@ -0,0 +1,13 @@
+package bedrock_support
+
+type BedrockModelConfig struct {
+	MaxTokens   int
+	Temperature float32
+	TopP        float32
+}
+type BedrockModel struct {
+	Name       string
+	Completion ICompletion
+	Response   IResponse
+	Config     BedrockModelConfig
+}

pkg/ai/bedrock_support/responses.go

@@ -0,0 +1,68 @@
+package bedrock_support
+
+import "encoding/json"
+
+type IResponse interface {
+	ParseResponse(rawResponse []byte) (string, error)
+}
+
+type CohereResponse struct {
+	response IResponse
+}
+
+func (a *CohereResponse) ParseResponse(rawResponse []byte) (string, error) {
+	type InvokeModelResponseBody struct {
+		Completion  string `json:"completion"`
+		Stop_reason string `json:"stop_reason"`
+	}
+	output := &InvokeModelResponseBody{}
+	err := json.Unmarshal(rawResponse, output)
+	if err != nil {
+		return "", err
+	}
+	return output.Completion, nil
+}
+
+type AI21Response struct {
+	response IResponse
+}
+
+func (a *AI21Response) ParseResponse(rawResponse []byte) (string, error) {
+	type Data struct {
+		Text string `json:"text"`
+	}
+	type Completion struct {
+		Data Data `json:"data"`
+	}
+	type InvokeModelResponseBody struct {
+		Completions []Completion `json:"completions"`
+	}
+	output := &InvokeModelResponseBody{}
+	err := json.Unmarshal(rawResponse, output)
+	if err != nil {
+		return "", err
+	}
+	return output.Completions[0].Data.Text, nil
+}
+
+type AmazonResponse struct {
+	response IResponse
+}
+
+func (a *AmazonResponse) ParseResponse(rawResponse []byte) (string, error) {
+	type Result struct {
+		TokenCount       int    `json:"tokenCount"`
+		OutputText       string `json:"outputText"`
+		CompletionReason string `json:"completionReason"`
+	}
+	type InvokeModelResponseBody struct {
+		InputTextTokenCount int      `json:"inputTextTokenCount"`
+		Results             []Result `json:"results"`
+	}
+	output := &InvokeModelResponseBody{}
+	err := json.Unmarshal(rawResponse, output)
+	if err != nil {
+		return "", err
+	}
+	return output.Results[0].OutputText, nil
+}

pkg/ai/prompts.go

@@ -6,8 +6,6 @@ const (
 	Error: {Explain error here}
 	Solution: {Step by step solution here}
 	`
-	trivy_vuln_prompt = "Explain the following trivy scan result and the detail risk or root cause of the CVE ID, then provide a solution. Response in %s: %s"
-	trivy_conf_prompt = "Explain the following trivy scan result and the detail risk or root cause of the security check, then provide a solution."
 
 	prom_conf_prompt = `Simplify the following Prometheus error message delimited by triple dashes written in --- %s --- language; --- %s ---.
 	This error came when validating the Prometheus configuration file.
@@ -62,8 +60,6 @@ const (
 
 var PromptMap = map[string]string{
 	"default":                       default_prompt,
-	"VulnerabilityReport":           trivy_vuln_prompt, // for Trivy integration, the key should match `Result.Kind` in pkg/common/types.go
-	"ConfigAuditReport":             trivy_conf_prompt,
 	"PrometheusConfigValidate":      prom_conf_prompt,
 	"PrometheusConfigRelabelReport": prom_relabel_prompt,
 	"PolicyReport":                  kyverno_prompt,

pkg/integration/integration.go

@@ -23,7 +23,6 @@ import (
 	"github.com/k8sgpt-ai/k8sgpt/pkg/common"
 	"github.com/k8sgpt-ai/k8sgpt/pkg/integration/keda"
 	"github.com/k8sgpt-ai/k8sgpt/pkg/integration/prometheus"
-	"github.com/k8sgpt-ai/k8sgpt/pkg/integration/trivy"
 	"github.com/k8sgpt-ai/k8sgpt/pkg/util"
 	"github.com/spf13/viper"
 )
@@ -49,7 +48,6 @@ type Integration struct {
 }
 
 var integrations = map[string]IIntegration{
-	"trivy":      trivy.NewTrivy(),
 	"prometheus": prometheus.NewPrometheus(),
 	"aws":        aws.NewAWS(),
 	"keda":       keda.NewKeda(),

pkg/integration/trivy/analyzer.go

@@ -1,175 +0,0 @@
-/*
-Copyright 2023 The K8sGPT Authors.
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package trivy
-
-import (
-	"fmt"
-	"strings"
-
-	ctrl "sigs.k8s.io/controller-runtime/pkg/client"
-
-	"github.com/aquasecurity/trivy-operator/pkg/apis/aquasecurity/v1alpha1"
-	"github.com/k8sgpt-ai/k8sgpt/pkg/common"
-	"github.com/k8sgpt-ai/k8sgpt/pkg/util"
-)
-
-type TrivyAnalyzer struct {
-	vulernabilityReportAnalysis bool
-	configAuditReportAnalysis   bool
-}
-
-func (TrivyAnalyzer) analyzeVulnerabilityReports(a common.Analyzer) ([]common.Result, error) {
-	// Get all trivy VulnerabilityReports
-	result := &v1alpha1.VulnerabilityReportList{}
-
-	client := a.Client.CtrlClient
-	err := v1alpha1.AddToScheme(client.Scheme())
-	if err != nil {
-		return nil, err
-	}
-	if err := client.List(a.Context, result, &ctrl.ListOptions{}); err != nil {
-		return nil, err
-	}
-
-	// Find criticals and get CVE
-	var preAnalysis = map[string]common.PreAnalysis{}
-
-	for _, report := range result.Items {
-
-		// For each pod there may be multiple vulnerabilities
-		var failures []common.Failure
-		distinctFailures := make(map[string]common.Failure)
-		for _, vuln := range report.Report.Vulnerabilities {
-			if vuln.Severity == "CRITICAL" {
-				// get the vulnerability ID
-				// get the vulnerability description
-				text := fmt.Sprintf("critical Vulnerability found ID: %s (learn more at: %s)", vuln.VulnerabilityID, vuln.PrimaryLink)
-				distinctFailures[text] = common.Failure{
-					Text:      text,
-					Sensitive: []common.Sensitive{},
-				}
-			}
-		}
-		for _, v := range distinctFailures {
-			failures = append(failures, v)
-		}
-		if len(failures) > 0 {
-			preAnalysis[fmt.Sprintf("%s/%s", report.Namespace,
-				report.Name)] = common.PreAnalysis{
-				TrivyVulnerabilityReport: report,
-				FailureDetails:           failures,
-			}
-		}
-	}
-
-	for key, value := range preAnalysis {
-		var currentAnalysis = common.Result{
-			Kind:  "VulnerabilityReport",
-			Name:  key,
-			Error: value.FailureDetails,
-		}
-
-		parent, _ := util.GetParent(a.Client, value.TrivyVulnerabilityReport.ObjectMeta)
-		currentAnalysis.ParentObject = parent
-		a.Results = append(a.Results, currentAnalysis)
-	}
-
-	return a.Results, nil
-
-}
-
-func (t TrivyAnalyzer) analyzeConfigAuditReports(a common.Analyzer) ([]common.Result, error) {
-	// Get all trivy ConfigAuditReports
-	result := &v1alpha1.ConfigAuditReportList{}
-
-	client := a.Client.CtrlClient
-	err := v1alpha1.AddToScheme(client.Scheme())
-	if err != nil {
-		return nil, err
-	}
-	if err := client.List(a.Context, result, &ctrl.ListOptions{}); err != nil {
-		return nil, err
-	}
-
-	// Find criticals and get CVE
-	var preAnalysis = map[string]common.PreAnalysis{}
-
-	for _, report := range result.Items {
-
-		// For each k8s resources there may be multiple checks
-		var failures []common.Failure
-		for _, check := range report.Report.Checks {
-			if check.Severity == "MEDIUM" || check.Severity == "HIGH" || check.Severity == "CRITICAL" {
-				failures = append(failures, common.Failure{
-					Text: fmt.Sprintf("Config issue with severity \"%s\" found: %s", check.Severity, strings.Join(check.Messages, "")),
-					Sensitive: []common.Sensitive{
-						{
-							Unmasked: report.Labels["trivy-operator.resource.name"],
-							Masked:   util.MaskString(report.Labels["trivy-operator.resource.name"]),
-						},
-						{
-							Unmasked: report.Labels["trivy-operator.resource.namespace"],
-							Masked:   util.MaskString(report.Labels["trivy-operator.resource.namespace"]),
-						},
-					},
-				})
-			}
-		}
-
-		if len(failures) > 0 {
-			preAnalysis[fmt.Sprintf("%s/%s", report.Namespace,
-				report.Name)] = common.PreAnalysis{
-				TrivyConfigAuditReport: report,
-				FailureDetails:         failures,
-			}
-		}
-	}
-
-	for key, value := range preAnalysis {
-		var currentAnalysis = common.Result{
-			Kind:  "ConfigAuditReport",
-			Name:  key,
-			Error: value.FailureDetails,
-		}
-
-		parent, _ := util.GetParent(a.Client, value.TrivyConfigAuditReport.ObjectMeta)
-		currentAnalysis.ParentObject = parent
-		a.Results = append(a.Results, currentAnalysis)
-	}
-
-	return a.Results, nil
-}
-
-func (t TrivyAnalyzer) Analyze(a common.Analyzer) ([]common.Result, error) {
-
-	if t.vulernabilityReportAnalysis {
-		common := make([]common.Result, 0)
-		vresult, err := t.analyzeVulnerabilityReports(a)
-		if err != nil {
-			return nil, err
-		}
-		common = append(common, vresult...)
-		return common, nil
-	}
-	if t.configAuditReportAnalysis {
-		common := make([]common.Result, 0)
-		cresult, err := t.analyzeConfigAuditReports(a)
-		if err != nil {
-			return nil, err
-		}
-		common = append(common, cresult...)
-		return common, nil
-	}
-	return make([]common.Result, 0), nil
-}

pkg/integration/trivy/trivy.go

@@ -1,199 +0,0 @@
-/*
-Copyright 2023 The K8sGPT Authors.
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-    http://www.apache.org/licenses/LICENSE-2.0
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package trivy
-
-import (
-	"context"
-	"fmt"
-	"os"
-
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
-
-	"github.com/fatih/color"
-	"github.com/k8sgpt-ai/k8sgpt/pkg/common"
-	"github.com/k8sgpt-ai/k8sgpt/pkg/kubernetes"
-	helmclient "github.com/mittwald/go-helm-client"
-	"github.com/spf13/viper"
-	"helm.sh/helm/v3/pkg/repo"
-)
-
-var (
-	Repo          = getEnv("TRIVY_REPO", "https://aquasecurity.github.io/helm-charts/")
-	Version       = getEnv("TRIVY_VERSION", "0.13.0")
-	ChartName     = getEnv("TRIVY_CHART_NAME", "trivy-operator")
-	RepoShortName = getEnv("TRIVY_REPO_SHORT_NAME", "aqua")
-	ReleaseName   = getEnv("TRIVY_RELEASE_NAME", "trivy-operator-k8sgpt")
-)
-
-type Trivy struct {
-	helm helmclient.Client
-}
-
-func getEnv(key, defaultValue string) string {
-	value := os.Getenv(key)
-	if value == "" {
-		return defaultValue
-	}
-	return value
-}
-
-func NewTrivy() *Trivy {
-	helmClient, err := helmclient.New(&helmclient.Options{})
-	if err != nil {
-		panic(err)
-	}
-	return &Trivy{
-		helm: helmClient,
-	}
-}
-
-func (t *Trivy) GetAnalyzerName() []string {
-	return []string{
-		"VulnerabilityReport",
-		"ConfigAuditReport",
-	}
-}
-
-// This doesnt work
-func (t *Trivy) GetNamespace() (string, error) {
-	releases, err := t.helm.ListDeployedReleases()
-	if err != nil {
-		return "", err
-	}
-	for _, rel := range releases {
-		if rel.Name == ReleaseName {
-			return rel.Namespace, nil
-		}
-	}
-	return "", status.Error(codes.NotFound, "trivy release not found")
-}
-
-func (t *Trivy) OwnsAnalyzer(analyzer string) bool {
-
-	for _, a := range t.GetAnalyzerName() {
-		if analyzer == a {
-			return true
-		}
-	}
-	return false
-}
-func (t *Trivy) Deploy(namespace string) error {
-
-	// Add the repository
-	chartRepo := repo.Entry{
-		Name: RepoShortName,
-		URL:  Repo,
-	}
-	// Add a chart-repository to the client.
-	if err := t.helm.AddOrUpdateChartRepo(chartRepo); err != nil {
-		panic(err)
-	}
-
-	chartSpec := helmclient.ChartSpec{
-		ReleaseName: ReleaseName,
-		ChartName:   fmt.Sprintf("%s/%s", RepoShortName, ChartName),
-		Namespace:   namespace,
-
-		//TODO: All of this should be configurable
-		UpgradeCRDs:     true,
-		Wait:            false,
-		Timeout:         300,
-		CreateNamespace: true,
-	}
-
-	// Install a chart release.
-	// Note that helmclient.Options.Namespace should ideally match the namespace in chartSpec.Namespace.
-	if _, err := t.helm.InstallOrUpgradeChart(context.Background(), &chartSpec, nil); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (t *Trivy) UnDeploy(namespace string) error {
-	chartSpec := helmclient.ChartSpec{
-		ReleaseName: ReleaseName,
-		ChartName:   fmt.Sprintf("%s/%s", RepoShortName, ChartName),
-		Namespace:   namespace,
-		UpgradeCRDs: true,
-		Wait:        false,
-		Timeout:     300,
-	}
-	// Uninstall the chart release.
-	// Note that helmclient.Options.Namespace should ideally match the namespace in chartSpec.Namespace.
-	if err := t.helm.UninstallRelease(&chartSpec); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (t *Trivy) isDeployed() bool {
-	// check if aquasec apigroup is available as a marker if trivy is installed on the cluster
-	kubecontext := viper.GetString("kubecontext")
-	kubeconfig := viper.GetString("kubeconfig")
-	client, err := kubernetes.NewClient(kubecontext, kubeconfig)
-	if err != nil {
-		// TODO: better error handling
-		color.Red("Error initialising kubernetes client: %v", err)
-		os.Exit(1)
-	}
-	groups, _, err := client.Client.Discovery().ServerGroupsAndResources()
-	if err != nil {
-		// TODO: better error handling
-		color.Red("Error initialising discovery client: %v", err)
-		os.Exit(1)
-	}
-
-	for _, group := range groups {
-		if group.Name == "aquasecurity.github.io" {
-			return true
-		}
-	}
-
-	return false
-}
-
-func (t *Trivy) isFilterActive() bool {
-	activeFilters := viper.GetStringSlice("active_filters")
-
-	for _, filter := range t.GetAnalyzerName() {
-		for _, af := range activeFilters {
-			if af == filter {
-				return true
-			}
-		}
-	}
-
-	return false
-}
-
-func (t *Trivy) IsActivate() bool {
-	if t.isFilterActive() && t.isDeployed() {
-		return true
-	} else {
-		return false
-	}
-}
-
-func (t *Trivy) AddAnalyzer(mergedMap *map[string]common.IAnalyzer) {
-
-	(*mergedMap)["VulnerabilityReport"] = &TrivyAnalyzer{
-		vulernabilityReportAnalysis: true,
-	}
-	(*mergedMap)["ConfigAuditReport"] = &TrivyAnalyzer{
-		configAuditReportAnalysis: true,
-	}
-
-}