feat(trivy): Bump to support v0.55.2
simar7 committed Sep 17, 2024
1 parent d9cd5b1 commit 8327bc0
Showing 4 changed files with 13 additions and 13 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/test.yaml
@@ -6,7 +6,7 @@ on:
workflow_dispatch:

env:
TRIVY_VERSION: 0.53.0
TRIVY_VERSION: 0.55.2
BATS_LIB_PATH: '/usr/lib/'

jobs:
@@ -26,4 +26,4 @@ jobs:
- name: Test
run: |
chmod +x entrypoint.sh
bats -r -T .
TRIVY_DISABLE_VEX_NOTICE=true bats -r -T .
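Review bot: `TRIVY_DISABLE_VEX_NOTICE=true` is set inline on the `bats` command in the Test step with no comment saying why, so a later reader cannot tell whether it is safe to drop. Presumably the notice printed by the newer Trivy would otherwise end up in the output the tests compare against the stored reports; if so, a comment such as `# suppress Trivy's VEX notice so scan output matches the expected reports` above the command would record that. It would also fit better in the workflow-level `env:` block next to `TRIVY_VERSION`, so that any step added later inherits it. The steps before Test are outside the hunk.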
2 changes: 1 addition & 1 deletion Dockerfile
@@ -1,4 +1,4 @@
FROM ghcr.io/aquasecurity/trivy:0.53.0
FROM ghcr.io/aquasecurity/trivy:0.55.2
COPY entrypoint.sh /
RUN apk --no-cache add bash curl npm
RUN chmod +x /entrypoint.sh
14 changes: 7 additions & 7 deletions test/data/config-sarif-report/report.sarif
@@ -1,6 +1,6 @@
{
"version": "2.1.0",
"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json",
"runs": [
{
"tool": {
@@ -91,7 +91,7 @@
}
},
{
"id": "AVD-AWS-0089",
"id": "s3-bucket-logging",
"name": "Misconfiguration",
"shortDescription": {
"text": "S3 Bucket Logging"
@@ -102,10 +102,10 @@
"defaultConfiguration": {
"level": "note"
},
"helpUri": "https://avd.aquasec.com/misconfig/avd-aws-0089",
"helpUri": "https://avd.aquasec.com/misconfig/s3-bucket-logging",
"help": {
"text": "Misconfiguration AVD-AWS-0089\nType: Terraform Security Check\nSeverity: LOW\nCheck: S3 Bucket Logging\nMessage: Bucket has logging disabled\nLink: [AVD-AWS-0089](https://avd.aquasec.com/misconfig/avd-aws-0089)\nEnsures S3 bucket logging is enabled for S3 buckets",
"markdown": "**Misconfiguration AVD-AWS-0089**\n| Type | Severity | Check | Message | Link |\n| --- | --- | --- | --- | --- |\n|Terraform Security Check|LOW|S3 Bucket Logging|Bucket has logging disabled|[AVD-AWS-0089](https://avd.aquasec.com/misconfig/avd-aws-0089)|\n\nEnsures S3 bucket logging is enabled for S3 buckets"
"text": "Misconfiguration s3-bucket-logging\nType: Terraform Security Check\nSeverity: LOW\nCheck: S3 Bucket Logging\nMessage: Bucket has logging disabled\nLink: [s3-bucket-logging](https://avd.aquasec.com/misconfig/s3-bucket-logging)\nEnsures S3 bucket logging is enabled for S3 buckets",
"markdown": "**Misconfiguration s3-bucket-logging**\n| Type | Severity | Check | Message | Link |\n| --- | --- | --- | --- | --- |\n|Terraform Security Check|LOW|S3 Bucket Logging|Bucket has logging disabled|[s3-bucket-logging](https://avd.aquasec.com/misconfig/s3-bucket-logging)|\n\nEnsures S3 bucket logging is enabled for S3 buckets"
},
"properties": {
"precision": "very-high",
@@ -338,11 +338,11 @@
]
},
{
"ruleId": "AVD-AWS-0089",
"ruleId": "s3-bucket-logging",
"ruleIndex": 3,
"level": "note",
"message": {
"text": "Artifact: main.tf\nType: terraform\nVulnerability AVD-AWS-0089\nSeverity: LOW\nMessage: Bucket has logging disabled\nLink: [AVD-AWS-0089](https://avd.aquasec.com/misconfig/avd-aws-0089)"
"text": "Artifact: main.tf\nType: terraform\nVulnerability s3-bucket-logging\nSeverity: LOW\nMessage: Bucket has logging disabled\nLink: [s3-bucket-logging](https://avd.aquasec.com/misconfig/s3-bucket-logging)"
},
"locations": [
{
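Review bot: The identifier emitted for this finding changes from `AVD-AWS-0089` to `s3-bucket-logging` in the rule `id` and the result `ruleId` here, and in `ID` in test/data/config-scan/report.json (where `AVDID` keeps the old value), yet the commit is described only as a version bump. Anything downstream that keys on the old identifier, such as suppression entries, policy exceptions or code-scanning alerts tracked by `ruleId`, may stop matching after the upgrade, so previously triaged findings could reappear as new. I would call this out in the release notes, e.g. `Misconfiguration IDs are now check names (s3-bucket-logging) instead of AVD IDs (AVD-AWS-0089); review suppressions that reference the old IDs`. Only part of the results array is visible in this hunk.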
6 changes: 3 additions & 3 deletions test/data/config-scan/report.json
@@ -214,7 +214,7 @@
},
{
"Type": "Terraform Security Check",
"ID": "AVD-AWS-0089",
"ID": "s3-bucket-logging",
"AVDID": "AVD-AWS-0089",
"Title": "S3 Bucket Logging",
"Description": "Ensures S3 bucket logging is enabled for S3 buckets",
@@ -223,10 +223,10 @@
"Query": "data.builtin.aws.s3.aws0089.deny",
"Resolution": "Add a logging block to the resource to enable access logging",
"Severity": "LOW",
"PrimaryURL": "https://avd.aquasec.com/misconfig/avd-aws-0089",
"PrimaryURL": "https://avd.aquasec.com/misconfig/s3-bucket-logging",
"References": [
"https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html",
"https://avd.aquasec.com/misconfig/avd-aws-0089"
"https://avd.aquasec.com/misconfig/s3-bucket-logging"
],
"Status": "FAIL",
"Layer": {},