Set up development environment with Skaffold

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "harbor-helm"]
+	path = harbor-helm
+	url = https://github.com/goharbor/harbor-helm.git

CONTRIBUTING.md

@@ -17,38 +17,57 @@
 
 1. Install Go.
 
-   The project requires [Go 1.17][go-download] or later. We also assume that you're familiar with
+   The project requires [Go 1.21][go-download] or later. We also assume that you're familiar with
    Go's [GOPATH workspace][go-code] convention, and have the appropriate environment variables set.
-2. Install Docker, Docker Compose, and Make.
+2. Install Docker, Make, and Skaffold.
 3. Get the source code.
    ```
    git clone https://github.com/aquasecurity/harbor-scanner-trivy.git
    cd harbor-scanner-trivy
    ```
+
+**NOTE**: Podman is [not supported](https://github.com/GoogleContainerTools/skaffold/issues/8430) by Skaffold.
 
-## Setup Development Environment with Vagrant
+## Set up Development Environment with Kubernetes
 
 1. Get the source code.
    ```
-   git clone https://github.com/aquasecurity/harbor-scanner-trivy.git
+   git clone --recursive https://github.com/aquasecurity/harbor-scanner-trivy.git
    cd harbor-scanner-trivy
    ```
-2. Create and configure a guest development machine, which is based on Ubuntu 20.4 LTS and has Go, Docker, Docker Compose,
-   Make, and Harbor v2.5.1 preinstalled. Harbor is installed in the `/opt/harbor` directory.
+2. Launch a Kubernetes cluster
+
+   We recommend setting up a Kubernetes cluster with:
+
+   - [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)
+   - [minikube](https://minikube.sigs.k8s.io/docs/start/)
+   - [Docker Desktop](https://docs.docker.com/desktop/)
+   - [Rancher Desktop](https://docs.rancherdesktop.io/ui/preferences/kubernetes/)
+
+   However, you can use any Kubernetes cluster you want.
+
+   In case of kind, you can use the following command to create a cluster:
    ```
-   vagrant up
+   kind create cluster --name harbor-scanner-trivy
    ```
-   If everything goes well Harbor will be accessible at http://localhost:8181 (admin/Harbor12345).
 
-   To SSH into a running Vagrant machine.
+3. Run Skaffold
+
+   The following command will build the image and deploy Harbor with the scanner adapter to the Kubernetes cluster:
    ```
-   vagrant ssh
+   make dev
    ```
-   The `/vagrant` directory in the development machine is shared between host and guest. This, for example, allows you
-   to rebuild a container image for testing.
+
+4. Access Harbor UI
+
+   After the Harbor chart is deployed, you can access `https://core.harbor.domain`.
+   It depends on how you configure the Kubernetes cluster, but you may need to add a host entry to `/etc/hosts` file.
+
    ```
-   vagrant@ubuntu-focal:/vagrant$ make docker-build
+   echo "127.0.0.1\tcore.harbor.domain" | sudo tee -a /etc/hosts
    ```
+
+   username: admin, password: Harbor12345
 
 ## Build Binaries
 

Dockerfile.dev

@@ -0,0 +1,33 @@
+# That's the only place where you're supposed to specify version of Trivy.
+ARG TRIVY_VERSION=0.46.0
+ARG SKAFFOLD_GO_GCFLAGS
+
+FROM golang:1.21-alpine AS builder
+
+WORKDIR /go/src/github.com/aquasecurity/harbor-scanner-trivy
+
+# Download Go dependencies first
+COPY go.mod go.sum ./
+RUN go mod download
+
+# Copy the entire project and build it.
+COPY cmd/ ./cmd
+COPY pkg/ ./pkg
+RUN CGO_ENABLED=0 go build -gcflags="${SKAFFOLD_GO_GCFLAGS}" -o scanner-trivy cmd/scanner-trivy/main.go
+
+FROM aquasec/trivy:${TRIVY_VERSION}
+
+ENV GOTRACEBACK=all
+
+# An ARG declared before a FROM is outside of a build stage, so it can't be used in any
+# instruction after a FROM. To use the default value of an ARG declared before the first
+# FROM use an ARG instruction without a value inside of a build stage.
+ARG TRIVY_VERSION
+
+RUN adduser -u 10000 -D -g '' scanner scanner
+
+COPY --from=builder /go/src/github.com/aquasecurity/harbor-scanner-trivy/scanner-trivy /home/scanner/bin/scanner-trivy
+
+ENV TRIVY_VERSION=${TRIVY_VERSION}
+
+ENTRYPOINT ["/home/scanner/bin/scanner-trivy"]

Makefile

@@ -3,12 +3,13 @@ BINARY := scanner-trivy
 IMAGE_TAG := dev
 IMAGE := aquasec/harbor-scanner-trivy:$(IMAGE_TAG)
 
+.PHONY: build test test-integration test-component docker-build setup dev debug run
+
 build: $(BINARY)
 
 test: build
 	GO111MODULE=on go test -v -short -race -coverprofile=coverage.txt -covermode=atomic ./...
 
-.PHONY: test-integration
 test-integration: build
 	GO111MODULE=on go test -count=1 -v -tags=integration ./test/integration/...
 
@@ -26,11 +27,18 @@ docker-build: build
 lint:
 	./bin/golangci-lint --build-tags component,integration run -v
 
-.PHONY: setup
 setup:
 	curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh| sh -s v1.21.0
 
-.PHONY: run
+submodule:
+	git submodule update --init --recursive
+
+dev:
+	skaffold dev --tolerate-failures-until-deadline=true
+
+debug:
+	skaffold debug --tolerate-failures-until-deadline=true
+
 run: export SCANNER_TRIVY_CACHE_DIR = $(TMPDIR)harbor-scanner-trivy/.cache/trivy
 run: export SCANNER_TRIVY_REPORTS_DIR=$(TMPDIR)harbor-scanner-trivy/.cache/reports
 run: export SCANNER_LOG_LEVEL=debug

skaffold.yaml

@@ -0,0 +1,22 @@
+apiVersion: skaffold/v4beta7
+kind: Config
+metadata:
+  name: harbor-scanner-trivy
+build:
+  local:
+    push: false # Use kind, minikube, Docker Desktop, Rancher Desktop, etc.
+    useDockerCLI: true
+  artifacts:
+    - image: aquasecurity/harbor-scanner-trivy
+      docker:
+        dockerfile: Dockerfile.dev
+deploy:
+  helm:
+    releases:
+      - name: my-harbor
+        chartPath: ./harbor-helm # remoteChart doesn't work for some reason
+        valuesFiles:
+          - ./harbor-helm/values.yaml
+        setValueTemplates:
+          trivy.image.repository: "{{.IMAGE_REPO_aquasecurity_harbor_scanner_trivy}}"
+          trivy.image.tag: "{{.IMAGE_TAG_aquasecurity_harbor_scanner_trivy}}"