From 2b30463ddb3d11724a04e760e020c7d9af24d8b3 Mon Sep 17 00:00:00 2001 From: Carol Valencia <8355621+krol3@users.noreply.github.com> Date: Mon, 18 Apr 2022 10:40:37 -0500 Subject: [PATCH] chore: Update trivy version to 0.26.0 (#102) * chore: Update trivy version to 0.25.3 * feat: trivy fs - securityCheck test * chore: update trivy 0.26.0 Co-authored-by: carolina valencia --- .github/workflows/build.yaml | 2 +- Dockerfile | 2 +- test/data/image-sarif.test | 2 +- test/test.bats | 7 +++++++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a85f71a..edc20d9 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,7 +1,7 @@ name: "build" on: [push, pull_request] env: - TRIVY_VERSION: 0.25.0 + TRIVY_VERSION: 0.26.0 jobs: build: name: build diff --git a/Dockerfile b/Dockerfile index 23eff7d..8bcf9f6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM aquasec/trivy:0.25.0 +FROM aquasec/trivy:0.26.0 COPY entrypoint.sh / RUN apk --no-cache add bash RUN chmod +x /entrypoint.sh diff --git a/test/data/image-sarif.test b/test/data/image-sarif.test index ada3fb7..0cae6d8 100644 --- a/test/data/image-sarif.test +++ b/test/data/image-sarif.test @@ -442,7 +442,7 @@ } } ], - "version": "0.25.0" + "version": "0.26.0" } }, "results": [ diff --git a/test/test.bats b/test/test.bats index 745bb7c..fe876ef 100644 --- a/test/test.bats +++ b/test/test.bats @@ -35,6 +35,13 @@ [ "$result" == '' ] } +@test "trivy fs with securityChecks option" { + # trivy fs -f json --security-checks=vuln,config -o fs.test . + ./entrypoint.sh '-a fs' '-j .' '-b json' '-s vuln,config' '-h fs-scheck.test' + result="$(diff ./test/data/fs.test fs.test)" + [ "$result" == '' ] +} + @test "trivy repo" { # trivy repo -f json -o repo.test --severity CRITICAL https://github.com/aquasecurity/trivy-action/ ./entrypoint.sh '-b json' '-h repo.test' '-g CRITICAL' '-a repo' '-j https://github.com/aquasecurity/trivy-action/'