feat(misconf): Add support for Minimum Trivy Version (#8880)

Signed-off-by: Simar <simar@linux.com> Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io> Co-authored-by: nikpivkin <nikita.pivkin@smartforce.io>
2025-12-05 20:40:16 -08:00 · 2025-05-28 15:22:21 -06:00
parent 1d420e669f
commit 3b2a3976ac
16 changed files with 523 additions and 127 deletions
--- a/integration/integration_test.go
+++ b/integration/integration_test.go
@@ -305,6 +305,7 @@ func compareReports(t *testing.T, wantFile, gotFile string, override func(t *tes
 	if override != nil {
 		override(t, &want, &got)
 	}
+
 	assert.Equal(t, want, got)
 }

--- a/integration/testdata/dockerfile-custom-policies.json.golden
+++ b/integration/testdata/dockerfile-custom-policies.json.golden
@@ -27,43 +27,49 @@
      "Misconfigurations": [
        {
          "Type": "Dockerfile Security Check",
-          "ID": "N/A",
-          "Title": "N/A",
-          "Description": "Rego module: data.user.bar",
+          "ID": "AVD-BAR-0001",
+          "AVDID": "AVD-BAR-0001",
+          "Title": "Custom policy",
+          "Description": "Custom policy for testing",
          "Message": "something bad: bar",
          "Namespace": "user.bar",
          "Query": "data.user.bar.deny",
-          "Severity": "UNKNOWN",
+          "Resolution": "Custom policy for testing",
+          "Severity": "LOW",
          "Status": "FAIL",
          "Layer": {},
          "CauseMetadata": {
-            "Provider": "Generic",
-            "Service": "general",
+            "Provider": "Custom",
+            "Service": "custom",
            "Code": {
              "Lines": null
-            }
+            },
+            "RenderedCause": {}
          }
        },
        {
          "Type": "Dockerfile Security Check",
-          "ID": "N/A",
-          "Title": "N/A",
-          "Description": "Rego module: data.user.foo",
+          "ID": "AVD-FOO-0001",
+          "AVDID": "AVD-FOO-0001",
+          "Title": "Custom policy",
+          "Description": "Custom policy for testing",
          "Message": "something bad: foo",
          "Namespace": "user.foo",
          "Query": "data.user.foo.deny",
-          "Severity": "UNKNOWN",
+          "Resolution": "Custom policy for testing",
+          "Severity": "LOW",
          "Status": "FAIL",
          "Layer": {},
          "CauseMetadata": {
-            "Provider": "Generic",
-            "Service": "general",
+            "Provider": "Custom",
+            "Service": "custom",
            "Code": {
              "Lines": null
-            }
+            },
+            "RenderedCause": {}
          }
        }
      ]
    }
  ]
-}
+}
--- a/integration/testdata/fixtures/repo/custom-policy/policy/bar.rego
+++ b/integration/testdata/fixtures/repo/custom-policy/policy/bar.rego
@@ -1,3 +1,17 @@
+# METADATA
+# title: Custom policy
+# description: Custom policy for testing
+# scope: package
+# schemas:
+#   - input: schema["input"]
+# custom:
+#   id: AVD-BAR-0001
+#   avd_id: AVD-BAR-0001
+#   provider: custom
+#   service: custom
+#   severity: LOW
+#   short_code: custom-policy
+#   recommended_action: Custom policy for testing
 package user.bar

 deny[res] {
--- a/integration/testdata/fixtures/repo/custom-policy/policy/foo.rego
+++ b/integration/testdata/fixtures/repo/custom-policy/policy/foo.rego
@@ -1,3 +1,17 @@
+# METADATA
+# title: Custom policy
+# description: Custom policy for testing
+# scope: package
+# schemas:
+#   - input: schema["input"]
+# custom:
+#   id: AVD-FOO-0001
+#   avd_id: AVD-FOO-0001
+#   provider: custom
+#   service: custom
+#   severity: LOW
+#   short_code: custom-policy
+#   recommended_action: Custom policy for testing
 package user.foo

 deny[res] {