chore: pinning 0.29.0 trivy (#128 )

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
Add missing option to README. (#127 )
2022-06-17 13:27:39 -07:00 · 2022-06-16 08:25:13 -07:00 · 2022-06-15 09:16:34 -07:00
7 changed files with 16 additions and 15 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -1,7 +1,7 @@
 name: "build"
 on: [push, pull_request]
 env:
-  TRIVY_VERSION: 0.28.1
+  TRIVY_VERSION: 0.29.0
 jobs:
  build:
    name: build
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM ghcr.io/aquasecurity/trivy:0.28.1
+FROM ghcr.io/aquasecurity/trivy:0.29.0
 COPY entrypoint.sh /
 RUN apk --no-cache add bash
 RUN chmod +x /entrypoint.sh
--- a/README.md
+++ b/README.md
@@ -80,7 +80,7 @@ jobs:
          output: 'trivy-results.sarif'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -115,7 +115,7 @@ jobs:
          output: 'trivy-results.sarif'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        if: always()
        with:
          sarif_file: 'trivy-results.sarif'
@@ -152,7 +152,7 @@ jobs:
          severity: 'CRITICAL'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -187,7 +187,7 @@ jobs:
          severity: 'CRITICAL'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -222,7 +222,7 @@ jobs:
          severity: 'CRITICAL,HIGH'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -259,7 +259,7 @@ jobs:
          TRIVY_PASSWORD: Password

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -296,7 +296,7 @@ jobs:
          AWS_DEFAULT_REGION: us-west-2

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -330,7 +330,7 @@ jobs:
          GOOGLE_APPLICATION_CREDENTIAL: /path/to/credential.json

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -364,7 +364,7 @@ jobs:
          TRIVY_PASSWORD: Password

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
 ```
@@ -393,6 +393,7 @@ Following inputs can be used as `step.with` keys:
 | `cache-dir`      | String  |                                    | Cache directory                               |
 | `timeout`        | String  | `5m0s`                             | Scan timeout duration                         |
 | `ignore-policy`  | String  |                                    | Filter vulnerabilities with OPA rego language |
+| `hide-progress`  | String  | `true`                             | Suppress progress bar                         |
 | `list-all-pkgs`  | String  |                                    | Output all packages regardless of vulnerability |
 | `security-checks`| String  | `vuln,secret`                      | comma-separated list of what security issues to detect (`vuln`,`secret`,`config`)|
 | `trivyignores`   | String  |                                    | comma-separated list of relative paths in repository to one or more `.trivyignore` files |
--- a/test/data/config.test
+++ b/test/data/config.test
@@ -20,7 +20,7 @@
      "Class": "config",
      "Type": "dockerfile",
      "MisconfSummary": {
-        "Successes": 22,
+        "Successes": 21,
        "Failures": 1,
        "Exceptions": 0
      },
--- a/test/data/fs-scheck.test
+++ b/test/data/fs-scheck.test
@@ -20,7 +20,7 @@
      "Class": "config",
      "Type": "dockerfile",
      "MisconfSummary": {
-        "Successes": 22,
+        "Successes": 21,
        "Failures": 1,
        "Exceptions": 0
      },
--- a/test/data/image-sarif.test
+++ b/test/data/image-sarif.test
@@ -442,7 +442,7 @@
              }
            }
          ],
-          "version": "0.28.1"
+          "version": "0.29.0"
        }
      },
      "results": [
--- a/workflow.yml
+++ b/workflow.yml
@@ -29,6 +29,6 @@ jobs:
          severity: 'CRITICAL,HIGH'

      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'
Author	SHA1	Message	Date
Carol Valencia	49e970d7ac	chore: pinning 0.29.0 trivy (#128 ) Co-authored-by: carolina valencia <krol3@users.noreply.github.com>	2022-06-17 13:27:39 -07:00
Achton Smidt Winther	c666240787	Add missing option to README. (#127 )	2022-06-16 08:25:13 -07:00
David Calvert	e27605859b	feat: update codeql-action/upload-sarif to v2 (#124 )	2022-06-15 09:16:34 -07:00