* fix: use trivy_envs.txt for envs
* test: add test step
* refactor
* refactor
* test
* refactor: use `export` in trivy_envs.txt
* test
* test metadata.json
* test metadata.json
* Clean up envs file better (#422)
- Explicitly rm -f it at start and end of action
- Also remove temporary test steps from action
* Add BATS test for usage of trivy_envs.txt file (#422)
* Add optional step triggered only when Actions Debug logging
Dump the generated environment variables file only when tests are run
with actions debug logging
* Fix to always set env vars into file (#422)
This is done as long as they have a non-empty input value, or a
non-empty default value.
* Clean up env overwriting
- Remove unnecessary debug statements in the action used during testing
- Additional explanatory comments
- Fix to address case where caller explicitly injects environment
variables, either via env: block on the action call or via GITHUB_ENV
* Further refine env var setting logic (#422)
Noted in documenting this fix that what had been implemented deviated
from the existing configuration priority documentation. Amended the
implementation of the Action to try and restore that consistency.
* Fix shell syntax error (#422)
---------
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
* Action now takes an input for terraform variable filess
* added tf-vars
* updated README.md
* Updated yamlconfig test to latest version of trivy output for that container
* updated for correct cpu type
* test trivy version change to 0.45.0
* run scan with correct parameters
* Added test for terraform tfvars
* Updated output for other tests
* use test data as path and updated tf vars to be relative
* removed quiet
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided
Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
* feat(yaml): Add support for trivy.yaml
Signed-off-by: Simar <simar@linux.com>
* chore: fixing test using trivy v 0.30.0
* chore(deps): Update to use Trivy v0.30.2
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
* Fix bug with test for securityChecks option which caused it to be skipped.
* Convert tests to JSON output only, and update them for Trivy 0.28.1.
* Update CI test to use Trivy 0.28.1.
* Add support for supplying one or more .trivyignore files.
* Fix gitignore for test data.
* Add test for trivyignores option.
* Be explicit about the trivy options we use during testing.
* Add documentation of trivyignores option.
* chore: update test to version 0.27.0
* chore: add test file secret and update to 0.27.1
* fix: support repository with securityCheck secret
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
Nikita Pivkin
Rob Vesse
Teppei Fukuda
simar7
Calin Marina
Kyle Davies
Simar
Herman Wika Horn
Viktor Sadovnikov
Carol Valencia
Achton Smidt Winther