Feature: uses service image for trivy scans (#433)

* Changes java opt

* removes serveropt

* Updates with comment

* Removes explicit Docker host set

---------

Co-authored-by: Blaize Kaye <[email protected]>

Author: bomoko

legacy/scripts/exec-generate-insights-configmap.sh

@@ -9,7 +9,7 @@ IMAGE_INSPECT_CONFIGMAP="lagoon-insights-image-${IMAGE_NAME}"
 IMAGE_INSPECT_OUTPUT_FILE="${TMP_DIR}/${IMAGE_NAME}.image-inspect.json.gz"
 
 # Here we give the cluster administrator the ability to override the insights scan image
-INSIGHTS_SCAN_IMAGE="aquasec/trivy"
+INSIGHTS_SCAN_IMAGE="uselagoon/insights-trivy"
   if [ "$ADMIN_LAGOON_FEATURE_FLAG_INSIGHTS_SCAN_IMAGE" ]; then
     INSIGHTS_SCAN_IMAGE="${ADMIN_LAGOON_FEATURE_FLAG_INSIGHTS_SCAN_IMAGE}"
   fi
@@ -55,7 +55,9 @@ echo "Running sbom scan using trivy"
 echo "Image being scanned: ${IMAGE_FULL}"
 echo "Using image for scan ${IMAGECACHE_REGISTRY}${INSIGHTS_SCAN_IMAGE}"
 
-DOCKER_HOST=docker-host.lagoon.svc docker run --rm -v /var/run/docker.sock:/var/run/docker.sock ${IMAGECACHE_REGISTRY}${INSIGHTS_SCAN_IMAGE} image --skip-java-db-update ${IMAGE_FULL} --format ${SBOM_OUTPUT} | gzip > ${SBOM_OUTPUT_FILE}
+# Setting JAVAOPT to skip the java db update, as the upstream image comes with a pre-populated database
+JAVAOPT="--skip-java-db-update"
+docker run --rm -v /var/run/docker.sock:/var/run/docker.sock ${IMAGECACHE_REGISTRY}${INSIGHTS_SCAN_IMAGE} image ${JAVAOPT} ${IMAGE_FULL} --format ${SBOM_OUTPUT} | gzip > ${SBOM_OUTPUT_FILE}
 
 FILESIZE=$(stat -c%s "$SBOM_OUTPUT_FILE")
 echo "Size of ${SBOM_OUTPUT_FILE} = $FILESIZE bytes."