feat(report): GitHub Dependency Snapshots support (#1522)

Co-authored-by: Shira Cohen <97398476+ShiraCohen33@users.noreply.github.com> Co-authored-by: knqyf263 <knqyf263@gmail.com>
2025-12-21 23:00:42 -08:00 · 2022-05-27 00:34:15 +06:00
parent b7ec642572
commit 4ab696eaa2
15 changed files with 565 additions and 28 deletions
--- a/integration/client_server_test.go
+++ b/integration/client_server_test.go
@@ -21,6 +21,7 @@ import (
 	testcontainers "github.com/testcontainers/testcontainers-go"
 	"github.com/urfave/cli/v2"

+	"github.com/aquasecurity/trivy/pkg/clock"
 	"github.com/aquasecurity/trivy/pkg/commands"
 	"github.com/aquasecurity/trivy/pkg/report"
 )
@@ -256,7 +257,7 @@ func TestClientServer(t *testing.T) {
 	}
 }

-func TestClientServerWithTemplate(t *testing.T) {
+func TestClientServerWithFormat(t *testing.T) {
 	tests := []struct {
 		name   string
 		args   csArgs
@@ -306,17 +307,35 @@ func TestClientServerWithTemplate(t *testing.T) {
 			},
 			golden: "testdata/alpine-310.html.golden",
 		},
+		{
+			name: "alpine 3.10 with github dependency snapshots format",
+			args: csArgs{
+				Format: "github",
+				Input:  "testdata/fixtures/images/alpine-310.tar.gz",
+			},
+			golden: "testdata/alpine-310.gsbom.golden",
+		},
 	}

+	fakeTime := time.Date(2020, 8, 10, 7, 28, 17, 958601, time.UTC)
+	clock.SetFakeTime(t, fakeTime)
+
 	report.CustomTemplateFuncMap = map[string]interface{}{
 		"now": func() time.Time {
-			return time.Date(2020, 8, 10, 7, 28, 17, 958601, time.UTC)
+			return fakeTime
 		},
 		"date": func(format string, t time.Time) string {
 			return t.Format(format)
 		},
 	}

+	// For GitHub Dependency Snapshots
+	t.Setenv("GITHUB_REF", "/ref/feature-1")
+	t.Setenv("GITHUB_SHA", "39da54a1ff04120a31df8cbc94ce9ede251d21a3")
+	t.Setenv("GITHUB_JOB", "integration")
+	t.Setenv("GITHUB_RUN_ID", "1910764383")
+	t.Setenv("GITHUB_WORKFLOW", "workflow-name")
+
 	t.Cleanup(func() {
 		report.CustomTemplateFuncMap = map[string]interface{}{}
 	})