Engin Diri
12814ff8bc
docs: correct format and add output on config scan with sarif ( #159 )
2 years ago
simar7
cb606dfdb0
fix(sarif): Add timeout and security-checks for sarif ( #156 )
2 years ago
Carol Valencia
0d7cf2ddfb
chore: improve message output sbom with gh ( #145 )
* fix: merge with master- entrypoint
* chore: gitignore .vscode
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
simar7
5144f05a8d
fix(config): Drop mixing of options with yaml config. ( #148 )
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.
Fixes: https://github.com/aquasecurity/trivy-action/issues/147
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7
81b9a6f5ab
Update Dockerfile ( #152 )
2 years ago
simar7
503d3abc15
feat(yaml): Add support for trivy.yaml ( #143 )
* feat(yaml): Add support for trivy.yaml
Signed-off-by: Simar <simar@linux.com>
* chore: fixing test using trivy v 0.30.0
* chore(deps): Update to use Trivy v0.30.2
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
simar7
0105373003
docs(trivy): Add instructions to scan tarballs. ( #134 )
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7
bc615ae2d7
fix(tests): Update test golden files for Trivy v0.29.2 ( #136 )
Fixes: https://github.com/aquasecurity/trivy-action/issues/133
Fixes: https://github.com/aquasecurity/trivy-action/issues/135
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7
7b7aa264d8
feat(SBOM): Support SBOM generation ( #129 )
* feat(sbom): Support SBOM generation
Signed-off-by: Simar <simar@linux.com>
* Update README.md
Co-authored-by: Itay Shakury <itay@itaysk.com>
* feat(sbom): Send results within the entrypoint.sh
* fix(sbom): Fix leading whitespaces for format var.
Signed-off-by: Simar <simar@linux.com>
* docs(sbom): Update README.md
* docs(sbom): Update README.md
* chore(trivy): Bump Trivy version to 0.29.1
Signed-off-by: Simar <simar@linux.com>
* feat(sbom): Change to fs scan.
Signed-off-by: Simar <simar@linux.com>
* fix(tests): Update SARIF goldenfile
Co-authored-by: Itay Shakury <itay@itaysk.com>
2 years ago
nleconte-csgroup
63b6e4c61b
docs: added missing HTML template and removed deprecated SARIF template ( #132 )
* docs: add missing template
* docs: add missing template and remove deprecated
Add missing HTML template
Remove deprecated SARIF template
* docs: remove deprecated SARIF template
2 years ago
Carol Valencia
49e970d7ac
chore: pinning 0.29.0 trivy ( #128 )
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
Achton Smidt Winther
c666240787
Add missing option to README. ( #127 )
2 years ago
David Calvert
e27605859b
feat: update codeql-action/upload-sarif to v2 ( #124 )
2 years ago
Achton Smidt Winther
2b22459068
Update tests for 0.28.1 and convert to JSON ( #126 )
* Fix bug with test for securityChecks option which caused it to be skipped.
* Convert tests to JSON output only, and update them for Trivy 0.28.1.
* Update CI test to use Trivy 0.28.1.
2 years ago
Achton Smidt Winther
4b3b5f928b
Add support for --ignorefile option (.trivyignore) ( #122 )
* Add support for supplying one or more .trivyignore files.
* Fix gitignore for test data.
* Add test for trivyignores option.
* Be explicit about the trivy options we use during testing.
* Add documentation of trivyignores option.
2 years ago
Tanguy Segarra
1a53202fc4
Use AWS public ECR instead of rate-limiting dockerhub ( #118 )
2 years ago
James Luther
df3fb7d00b
Update Trivy Version in Dockerfile ( #117 )
Updated the dockerfile to use the latest release of Trivy.
2 years ago
Tanguy Segarra
987beb8186
Enable security checks option for image type ( #112 )
* Enable security checks option for image type
* Readme: update security checks option
* action.yaml: add default value for security checks option
* echo env var
* action.yaml: remove default value for security checks
* remove useless echo
2 years ago
Carol Valencia
4b9b6fb4ef
chore: update test to version 0.27.1 ( #106 )
* chore: update test to version 0.27.0
* chore: add test file secret and update to 0.27.1
* fix: support repository with securityCheck secret
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
Carol Valencia
2b30463ddb
chore: Update trivy version to 0.26.0 ( #102 )
* chore: Update trivy version to 0.25.3
* feat: trivy fs - securityCheck test
* chore: update trivy 0.26.0
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
jerbia
d7a51817e8
Merge pull request #104 from aquasecurity/feat/security-checks
(feat) Add support for security-checks flag
2 years ago
oranmoshai
9fbcc91008
(feat) Add support for security-checks flag
When using fs mode add option to list of what security issues to detect
2 years ago
Carol Valencia
40c4ca9e74
feat: bash unit test - adding repo ( #101 )
* feat: bash unit test - adding repo
* fix: clean dummy data
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
Carol Valencia
f39d29766a
chore: Update trivy version to 0.25 ( #100 )
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
Chanaka Lakmal
296212627a
Update default value of timeout configuration ( #97 )
2 years ago
Oran Moshai
a7a829a434
chore: update trivy version Dockerfile ( #96 )
* chore: update trivy version Dockerfile
* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571
* docs: revert template and remove sarif.tpl
* fix: update condition to use format variable
Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2 years ago
Carol Valencia
9c21d3ca2c
chore: update trivy version Dockerfile ( #89 )
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
Masayoshi Mizutani
8f4c7160b4
feat: Add list-all-pkgs option ( #88 )
2 years ago
Carol Valencia
81cc8cd841
chore: update trivy version - fixed sarif ( #87 )
2 years ago
Nick Liffen
0769bbf0d2
Update Dockerfile ( #82 )
3 years ago
gustavomonarin
9ec80b5796
feat(#59) add support to skip files ( #60 )
* feat(#59) Add support to skip files
closes #59
* Fix skipFiles parameter check
The check should be if present not if enabled.
3 years ago
rahul2393
a58433e1c9
feat: added support for rootfs command ( #84 )
3 years ago
Simar
7168e9ba5a
feat: Update README to include a case where upload upon failure ( #78 )
* feat: Update README to include a case where upload is needed upon failure.
Signed-off-by: Simar <simar@linux.com>
* Update README.md
3 years ago
rahul2393
2a2157eb22
chore: Include skip options other than severity filter option when building SARIF report. ( #79 )
3 years ago
Simar
1ccef265f5
feat: Build a full SARIF report even if under accepted severity level. ( #73 )
Signed-off-by: Simar <simar@linux.com>
3 years ago
Simar
d62898dfb3
Bump to latest Trivy release
3 years ago
Emil Lengman
6bce46377c
bump to version 0.20.0 to add requirements.txt support ( #69 )
3 years ago
Simar
101d9bacf6
Update action.yaml
3 years ago
Peter Kipping
8eccb55397
Bump base image version to 0.19.2 to fix issue with config scanning. ( #58 )
3 years ago
Brandon Sorgdrager
9438b49cc3
Enable config scanning ( #56 )
* Bump trivy image to enable use of config scan-type
* move --no-progress switch behind input arg and set default
* prevent unrelated args from passing with config scan-type
* fix invalid option passing
* set artifactRef if scanType = config
* Add workflow example for IAC/YAML scanning
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
* clean hideProgress input
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
Valentin Laurin
ac8de07fd1
Pass --cache-dir as global argument to Trivy ( #51 )
3 years ago
Anand Gautam
09b815c470
feat: add ignore-policy option to filter vulnerabilities ( #48 )
* feat: add ignore-policy option to filter vulnerabilities
* fix: format README
3 years ago
Simar
0ce0e69d98
Update README.md
3 years ago
rahul2393
dba83feec8
fix invalid rule exception for SARIF templates ( #47 )
3 years ago
Simar
c9017eb417
Revert "Use fixed Sarif template ( #45 )" ( #46 )
This reverts commit 4ef054abe6.
3 years ago
rahul2393
4ef054abe6
Use fixed Sarif template ( #45 )
3 years ago
rahul2393
9789b6ae3b
Update docker base image for trivy. ( #44 )
3 years ago
rahul2393
fd44a8c1a7
Improve Readme to remove docker build step ( #43 )
* Remove docker build step
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
rahul2393
341f810bd6
Pin docker image, and update skip dirs argument passing to trivy ( #41 )
3 years ago
rahul2393
731c4a9c64
Update readme to scan private repository ( #42 )
* Printing env var to debug
* Update Readme to scan private registries.
* Apply suggestions from code review
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago