Skip to content

chore: update test to version 0.27.1 #106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 9, 2022
Merged

chore: update test to version 0.27.1 #106

merged 3 commits into from
May 9, 2022

Conversation

krol3
Copy link
Contributor

@krol3 krol3 commented Apr 26, 2022

No description provided.

@krol3 krol3 requested review from simar7 and knqyf263 April 26, 2022 02:15
@knqyf263
Copy link
Contributor

@krol3 What do you mean "update test"?

@knqyf263
Copy link
Contributor

Looks like this PR updates Trivy version. It also updates tests though.

@krol3
Copy link
Contributor Author

krol3 commented Apr 26, 2022

@krol3 What do you mean "update test"?

Using bats, we have unit test for the entrypoint.sh. I updated with the option "secret" for example.

@knqyf263
Copy link
Contributor

Using bats, we have unit test for the entrypoint.sh. I updated with the option "secret" for example.

Hmm, so doesn't this PR update Trivy version? This change affects only tests, right?

@krol3
Copy link
Contributor Author

krol3 commented Apr 26, 2022

Using bats, we have unit test for the entrypoint.sh. I updated with the option "secret" for example.

Hmm, so doesn't this PR update Trivy version? This change affects only tests, right?

@knqyf263 I update the image version here https://github.com/krol3/trivy-action/blob/trivy-0.27/Dockerfile#L1
and also the test of using this version here: https://github.com/krol3/trivy-action/blob/trivy-0.27/test/test.bats#L40

@knqyf263
Copy link
Contributor

If we update the Trivy version, I'm feeling like the test is not main concern in this PR. Am I correct? I saw the PR title and commit message, then I thought this PR just updated tests. But it looks like it updates the Trivy version as well. That's why I'm confused as I'm not so familiar with trivy-action.

@knqyf263 I update the image version here https://github.com/krol3/trivy-action/blob/trivy-0.27/Dockerfile#L1

You mean this action will use v0.27.0, right?

simar7
simar7 reviewed Apr 27, 2022
View reviewed changes
test/test.bats
@@ -37,7 +37,7 @@

@test "trivy fs with securityChecks option" {
# trivy fs -f json --security-checks=vuln,config -o fs.test .
./entrypoint.sh '-a fs' '-j .' '-b json' '-s vuln,config' '-h fs-scheck.test'
./entrypoint.sh '-a fs' '-j .' '-b json' '-s vuln,config,secret' '-h fs-scheck.test'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Where is fs-scheck.test? Did you forgot to check it in?
  2. Can we update the repo with a dummy secret and accordingly update the golden file to make an assertion?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah! @simar7 I forgot to add the data/fs-scheck.test

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Related (2), I using the trivy repo with the secret option.

@simar7 simar7 mentioned this pull request May 6, 2022
Closed
@simar7
Copy link
Member

simar7 commented May 6, 2022

hi @krol3 - any update on this? Some users are trying to use secret scanning with Trivy Action and won't be able to until we update it with merging this PR.

@krol3 krol3 force-pushed the trivy-0.27 branch 2 times, most recently from c93ade7 to e855258 Compare May 6, 2022 21:22
@krol3 krol3 changed the title chore: update test to version 0.27.0 chore: update test to version 0.27.1 May 7, 2022
@krol3 krol3 requested a review from simar7 May 7, 2022 14:49
@krol3
Copy link
Contributor Author

krol3 commented May 8, 2022

@simar7 the PR was updated with all your review's point

@james-luther
Copy link
Contributor

If there is anything I can help with on this PR, please let me know. I'm anxiously waiting for secret scanning and I don't want to build a custom action just for my use. :-)

@simar7 simar7 merged commit 4b9b6fb into aquasecurity:master May 9, 2022
@krol3 krol3 deleted the trivy-0.27 branch May 11, 2022 01:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simar7 simar7 simar7 approved these changes

@knqyf263 knqyf263 Awaiting requested review from knqyf263

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@krol3 @knqyf263 @simar7 @james-luther