gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-21 23:00:42 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(misconf): Added fs.FS based scanning via latest defsec (#2084)

Browse Source 
Co-authored-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
Liam Galvin
2022-05-10 13:05:00 +01:00
committed by GitHub
parent fbb83c42d9
commit 5a58e41476
44 changed files with 516 additions and 2129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pkg/commands/artifact/run.go
View File

@@ -25,7 +25,7 @@ import (
"github.com/aquasecurity/trivy/pkg/utils"
)
const defaultPolicyNamespace = "appshield"
var defaultPolicyNamespaces = []string{"appshield", "defsec", "builtin"}
var errSkipScan = errors.New("skip subsequent processes")
@@ -223,16 +223,10 @@ func scan(ctx context.Context, opt Option, initializeScanner InitializeScanner,
// ScannerOption is filled only when config scanning is enabled.
var configScannerOptions config.ScannerOption
if slices.Contains(opt.SecurityChecks, types.SecurityCheckConfig) {
noProgress := opt.Quiet || opt.NoProgress
builtinPolicyPaths, err := operation.InitBuiltinPolicies(ctx, opt.CacheDir, noProgress, opt.SkipPolicyUpdate)
if err != nil {
return types.Report{}, xerrors.Errorf("failed to initialize built-in policies: %w", err)
}
configScannerOptions = config.ScannerOption{
Trace: opt.Trace,
Namespaces: append(opt.PolicyNamespaces, defaultPolicyNamespace),
PolicyPaths: append(opt.PolicyPaths, builtinPolicyPaths...),
Namespaces: append(opt.PolicyNamespaces, defaultPolicyNamespaces...),
PolicyPaths: opt.PolicyPaths,
DataPaths: opt.DataPaths,
FilePatterns: opt.FilePatterns,
}