gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-21 14:50:53 -08:00
Code Issues Packages Projects Releases Wiki Activity

BREAKING(report): migrate to new json schema (#1265)

Browse Source
This commit is contained in:
Teppei Fukuda
2021-10-04 16:22:24 +09:00
committed by GitHub
parent da905108b4
commit b37f682ee2
51 changed files with 131927 additions and 130069 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yaml vendored
View File

@@ -4,7 +4,7 @@ on:
tags:
- "v*"
env:
GO_VERSION: "1.16"
GO_VERSION: "1.17"
GH_USER: "aqua-bot"
jobs:
release:

2
.github/workflows/test.yaml vendored
View File

@@ -10,7 +10,7 @@ on:
- 'LICENSE'
pull_request:
env:
GO_VERSION: "1.16"
GO_VERSION: "1.17"
jobs:
test:
name: Test

2
go.mod
View File

@@ -7,7 +7,7 @@ require (
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986
github.com/aquasecurity/fanal v0.0.0-20211001165956-9cea0606a6f1
github.com/aquasecurity/fanal v0.0.0-20211003152019-761279c3f9c6
github.com/aquasecurity/go-dep-parser v0.0.0-20210919151457-76db061b9305
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce
github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798

4
go.sum
View File

@@ -202,8 +202,8 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6
github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30xLN2sUZcMXl50hg+PJCIDdJgIvIbVcKqLJ/ZrtM=
github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986/go.mod h1:NT+jyeCzXk6vXR5MTkdn4z64TgGfE5HMLC8qfj5unl8=
github.com/aquasecurity/fanal v0.0.0-20211001165956-9cea0606a6f1 h1:WBmDGVe27yNPxqHuciYOG3D6Mwe16lgs9jmCo+gRGL4=
github.com/aquasecurity/fanal v0.0.0-20211001165956-9cea0606a6f1/go.mod h1:FyKpqN6I6emeoEFdU3BKHyTpr47g2gwzIdJQDbm/Z+0=
github.com/aquasecurity/fanal v0.0.0-20211003152019-761279c3f9c6 h1:RKgiEqKpv22QY3+p46EEoKmkpoS4toH1CNV0A6aKPro=
github.com/aquasecurity/fanal v0.0.0-20211003152019-761279c3f9c6/go.mod h1:FyKpqN6I6emeoEFdU3BKHyTpr47g2gwzIdJQDbm/Z+0=
github.com/aquasecurity/go-dep-parser v0.0.0-20210919151457-76db061b9305 h1:xsniAD6IrP+stY8tkytxE2tk8czkzSN3XaUvzoi1hCk=
github.com/aquasecurity/go-dep-parser v0.0.0-20210919151457-76db061b9305/go.mod h1:Zc7Eo6tFl9l4XcqsWeabD7jHnXRBK/LdgZuu9GTSVLU=
github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM=

271
integration/client_server_test.go
View File

@@ -23,10 +23,9 @@ import (
"github.com/aquasecurity/trivy/pkg/report"
)
type args struct {
type csArgs struct {
Format string
TemplatePath string
Version string
IgnoreUnfixed bool
Severity []string
IgnoreIDs []string
@@ -36,24 +35,22 @@ type args struct {
}
func TestClientServer(t *testing.T) {
cases := []struct {
tests := []struct {
name string
testArgs args
args csArgs
golden string
wantErr string
}{
{
name: "alpine 3.10 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.json.golden",
},
{
name: "alpine 3.10 integration with --ignore-unfixed option",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
@@ -61,8 +58,7 @@ func TestClientServer(t *testing.T) {
},
{
name: "alpine 3.10 integration with medium and high severity",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Severity: []string{"MEDIUM", "HIGH"},
Input: "testdata/fixtures/images/alpine-310.tar.gz",
@@ -71,64 +67,30 @@ func TestClientServer(t *testing.T) {
},
{
name: "alpine 3.10 integration with .trivyignore",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: false,
IgnoreIDs: []string{"CVE-2019-1549", "CVE-2019-1563"},
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310-ignore-cveids.json.golden",
},
{
name: "alpine 3.10 integration with gitlab template",
testArgs: args{
Format: "template",
TemplatePath: "@../contrib/gitlab.tpl",
Version: "dev",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.gitlab.golden",
},
{
name: "alpine 3.10 integration with gitlab-codequality template",
testArgs: args{
Format: "template",
TemplatePath: "@../contrib/gitlab-codequality.tpl",
Version: "dev",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.gitlab-codequality.golden",
},
{
name: "alpine 3.10 integration with sarif template",
testArgs: args{
Format: "template",
TemplatePath: "@../contrib/sarif.tpl",
Version: "dev",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.sarif.golden",
},
{
name: "alpine 3.9 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/alpine-39.tar.gz",
},
golden: "testdata/alpine-39.json.golden",
},
{
name: "debian buster integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/debian-buster.tar.gz",
},
golden: "testdata/debian-buster.json.golden",
},
{
name: "debian buster integration with --ignore-unfixed option",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Input: "testdata/fixtures/images/debian-buster.tar.gz",
},
@@ -136,24 +98,21 @@ func TestClientServer(t *testing.T) {
},
{
name: "debian stretch integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/debian-stretch.tar.gz",
},
golden: "testdata/debian-stretch.json.golden",
},
{
name: "ubuntu 18.04 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/ubuntu-1804.tar.gz",
},
golden: "testdata/ubuntu-1804.json.golden",
},
{
name: "ubuntu 18.04 integration with --ignore-unfixed option",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Input: "testdata/fixtures/images/ubuntu-1804.tar.gz",
},
@@ -161,24 +120,21 @@ func TestClientServer(t *testing.T) {
},
{
name: "ubuntu 16.04 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/ubuntu-1604.tar.gz",
},
golden: "testdata/ubuntu-1604.json.golden",
},
{
name: "centos 7 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/centos-7.tar.gz",
},
golden: "testdata/centos-7.json.golden",
},
{
name: "centos 7 integration with --ignore-unfixed option",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Input: "testdata/fixtures/images/centos-7.tar.gz",
},
@@ -186,8 +142,7 @@ func TestClientServer(t *testing.T) {
},
{
name: "centos 7 integration with low and high severity",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Severity: []string{"LOW", "HIGH"},
Input: "testdata/fixtures/images/centos-7.tar.gz",
@@ -196,32 +151,28 @@ func TestClientServer(t *testing.T) {
},
{
name: "centos 6 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/centos-6.tar.gz",
},
golden: "testdata/centos-6.json.golden",
},
{
name: "ubi 7 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/ubi-7.tar.gz",
},
golden: "testdata/ubi-7.json.golden",
},
{
name: "distroless base integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/distroless-base.tar.gz",
},
golden: "testdata/distroless-base.json.golden",
},
{
name: "distroless base integration with --ignore-unfixed option",
testArgs: args{
Version: "dev",
args: csArgs{
IgnoreUnfixed: true,
Input: "testdata/fixtures/images/distroless-base.tar.gz",
},
@@ -229,116 +180,152 @@ func TestClientServer(t *testing.T) {
},
{
name: "distroless python27 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/distroless-python27.tar.gz",
},
golden: "testdata/distroless-python27.json.golden",
},
{
name: "amazon 1 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/amazon-1.tar.gz",
},
golden: "testdata/amazon-1.json.golden",
},
{
name: "amazon 2 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/amazon-2.tar.gz",
},
golden: "testdata/amazon-2.json.golden",
},
{
name: "oracle 6 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/oraclelinux-6-slim.tar.gz",
},
golden: "testdata/oraclelinux-6-slim.json.golden",
},
{
name: "oracle 7 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/oraclelinux-7-slim.tar.gz",
},
golden: "testdata/oraclelinux-7-slim.json.golden",
},
{
name: "oracle 8 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/oraclelinux-8-slim.tar.gz",
},
golden: "testdata/oraclelinux-8-slim.json.golden",
},
{
name: "opensuse leap 15.1 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/opensuse-leap-151.tar.gz",
},
golden: "testdata/opensuse-leap-151.json.golden",
},
{
name: "opensuse leap 42.3 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/opensuse-leap-423.tar.gz",
},
golden: "testdata/opensuse-leap-423.json.golden",
},
{
name: "photon 1.0 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/photon-10.tar.gz",
},
golden: "testdata/photon-10.json.golden",
},
{
name: "photon 2.0 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/photon-20.tar.gz",
},
golden: "testdata/photon-20.json.golden",
},
{
name: "photon 3.0 integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/photon-30.tar.gz",
},
golden: "testdata/photon-30.json.golden",
},
{
name: "buxybox with Cargo.lock integration",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/busybox-with-lockfile.tar.gz",
},
golden: "testdata/busybox-with-lockfile.json.golden",
},
}
app, addr, cacheDir := setup(t, setupOptions{})
for _, c := range tests {
t.Run(c.name, func(t *testing.T) {
osArgs, outputFile := setupClient(t, c.args, addr, cacheDir, c.golden)
// Run Trivy client
err := app.Run(osArgs)
require.NoError(t, err)
compareReports(t, c.golden, outputFile)
})
}
}
func TestClientServerWithTemplate(t *testing.T) {
tests := []struct {
name string
args csArgs
golden string
}{
{
name: "alpine 3.10 integration with gitlab template",
args: csArgs{
Format: "template",
TemplatePath: "@../contrib/gitlab.tpl",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.gitlab.golden",
},
{
name: "alpine 3.10 integration with gitlab-codequality template",
args: csArgs{
Format: "template",
TemplatePath: "@../contrib/gitlab-codequality.tpl",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.gitlab-codequality.golden",
},
{
name: "alpine 3.10 integration with sarif template",
args: csArgs{
Format: "template",
TemplatePath: "@../contrib/sarif.tpl",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.sarif.golden",
},
{
name: "alpine 3.10 integration with ASFF template",
testArgs: args{
args: csArgs{
Format: "template",
TemplatePath: "@../contrib/asff.tpl",
Version: "dev",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.asff.golden",
},
{
name: "alpine 3.10 integration with html template",
testArgs: args{
args: csArgs{
Format: "template",
TemplatePath: "@../contrib/html.tpl",
Version: "dev",
Input: "testdata/fixtures/images/alpine-310.tar.gz",
},
golden: "testdata/alpine-310.html.golden",
@@ -347,21 +334,26 @@ func TestClientServer(t *testing.T) {
app, addr, cacheDir := setup(t, setupOptions{})
for _, c := range cases {
t.Run(c.name, func(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
report.Now = func() time.Time {
return time.Date(2020, 8, 10, 7, 28, 17, 958601, time.UTC)
}
os.Setenv("AWS_REGION", "test-region")
os.Setenv("AWS_ACCOUNT_ID", "123456789012")
osArgs, outputFile, cleanup := setupClient(t, c.testArgs, addr, cacheDir, c.golden)
defer cleanup()
t.Setenv("AWS_REGION", "test-region")
t.Setenv("AWS_ACCOUNT_ID", "123456789012")
osArgs, outputFile := setupClient(t, tt.args, addr, cacheDir, tt.golden)
// Run Trivy client
err := app.Run(osArgs)
require.NoError(t, err)
compare(t, c.golden, outputFile)
want, err := os.ReadFile(tt.golden)
require.NoError(t, err)
got, err := os.ReadFile(outputFile)
require.NoError(t, err)
assert.EqualValues(t, string(want), string(got))
})
}
}
@@ -369,14 +361,13 @@ func TestClientServer(t *testing.T) {
func TestClientServerWithToken(t *testing.T) {
cases := []struct {
name string
testArgs args
args csArgs
golden string
wantErr string
}{
{
name: "alpine 3.10 integration with token",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/alpine-310.tar.gz",
ClientToken: "token",
ClientTokenHeader: "Trivy-Token",
@@ -385,8 +376,7 @@ func TestClientServerWithToken(t *testing.T) {
},
{
name: "invalid token",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/distroless-base.tar.gz",
ClientToken: "invalidtoken",
ClientTokenHeader: "Trivy-Token",
@@ -395,8 +385,7 @@ func TestClientServerWithToken(t *testing.T) {
},
{
name: "invalid token header",
testArgs: args{
Version: "dev",
args: csArgs{
Input: "testdata/fixtures/images/distroless-base.tar.gz",
ClientToken: "valid-token",
ClientTokenHeader: "Trivy-Token",
@@ -411,12 +400,10 @@ func TestClientServerWithToken(t *testing.T) {
token: serverToken,
tokenHeader: serverTokenHeader,
})
defer os.RemoveAll(cacheDir)
for _, c := range cases {
t.Run(c.name, func(t *testing.T) {
osArgs, outputFile, cleanup := setupClient(t, c.testArgs, addr, cacheDir, c.golden)
defer cleanup()
osArgs, outputFile := setupClient(t, c.args, addr, cacheDir, c.golden)
// Run Trivy client
err := app.Run(osArgs)
@@ -429,7 +416,7 @@ func TestClientServerWithToken(t *testing.T) {
assert.NoError(t, err, c.name)
}
compare(t, c.golden, outputFile)
compareReports(t, c.golden, outputFile)
})
}
}
@@ -444,29 +431,26 @@ func TestClientServerWithRedis(t *testing.T) {
defer os.RemoveAll(cacheDir)
// Test parameters
testArgs := args{
Version: "dev",
testArgs := csArgs{
Input: "testdata/fixtures/images/centos-7.tar.gz",
}
golden := "testdata/centos-7.json.golden"
t.Run("centos 7", func(t *testing.T) {
osArgs, outputFile, cleanup := setupClient(t, testArgs, addr, cacheDir, golden)
defer cleanup()
osArgs, outputFile := setupClient(t, testArgs, addr, cacheDir, golden)
// Run Trivy client
err := app.Run(osArgs)
require.NoError(t, err)
compare(t, golden, outputFile)
compareReports(t, golden, outputFile)
})
// Terminate the Redis container
require.NoError(t, redisC.Terminate(ctx))
t.Run("sad path", func(t *testing.T) {
osArgs, _, cleanup := setupClient(t, testArgs, addr, cacheDir, golden)
defer cleanup()
osArgs, _ := setupClient(t, testArgs, addr, cacheDir, golden)
// Run Trivy client
err := app.Run(osArgs)
@@ -524,7 +508,7 @@ func setupServer(addr, token, tokenHeader, cacheDir, cacheBackend string) []stri
return osArgs
}
func setupClient(t *testing.T, c args, addr string, cacheDir string, golden string) ([]string, string, func()) {
func setupClient(t *testing.T, c csArgs, addr string, cacheDir string, golden string) ([]string, string) {
t.Helper()
osArgs := []string{"trivy", "--cache-dir", cacheDir, "client", "--remote", "http://" + addr}
@@ -546,13 +530,9 @@ func setupClient(t *testing.T, c args, addr string, cacheDir string, golden stri
)
}
var err error
var ignoreTmpDir string
if len(c.IgnoreIDs) != 0 {
ignoreTmpDir, err = os.MkdirTemp("", "ignore")
require.NoError(t, err, "failed to create a temp dir")
trivyIgnore := filepath.Join(ignoreTmpDir, ".trivyignore")
err = os.WriteFile(trivyIgnore, []byte(strings.Join(c.IgnoreIDs, "\n")), 0444)
trivyIgnore := filepath.Join(t.TempDir(), ".trivyignore")
err := os.WriteFile(trivyIgnore, []byte(strings.Join(c.IgnoreIDs, "\n")), 0444)
require.NoError(t, err, "failed to write .trivyignore")
osArgs = append(osArgs, []string{"--ignorefile", trivyIgnore}...)
}
@@ -564,24 +544,14 @@ func setupClient(t *testing.T, c args, addr string, cacheDir string, golden stri
}
// Setup the output file
var outputFile string
outputFile := filepath.Join(t.TempDir(), "output.json")
if *update {
outputFile = golden
} else {
output, _ := os.CreateTemp("", "integration")
assert.Nil(t, output.Close())
outputFile = output.Name()
}
cleanup := func() {
_ = os.Remove(ignoreTmpDir)
if !*update {
_ = os.Remove(outputFile)
}
}
osArgs = append(osArgs, []string{"--output", outputFile}...)
return osArgs, outputFile, cleanup
return osArgs, outputFile
}
func setupRedis(t *testing.T, ctx context.Context) (testcontainers.Container, string) {
@@ -611,18 +581,3 @@ func setupRedis(t *testing.T, ctx context.Context) (testcontainers.Container, st
addr := fmt.Sprintf("redis://%s:%s", ip, p.Port())
return redis, addr
}
func compare(t *testing.T, wantFile, gotFile string) {
t.Helper()
// Compare want and got
want, err := os.ReadFile(wantFile)
assert.NoError(t, err)
got, err := os.ReadFile(gotFile)
assert.NoError(t, err)
if strings.HasSuffix(wantFile, ".json.golden") {
assert.JSONEq(t, string(want), string(got))
} else {
assert.EqualValues(t, string(want), string(got))
}
}

90
integration/docker_engine_test.go
View File

@@ -7,6 +7,7 @@ import (
"context"
"io"
"os"
"path/filepath"
"strings"
"testing"
@@ -28,8 +29,8 @@ func TestRun_WithDockerEngine(t *testing.T) {
severity []string
ignoreIDs []string
testfile string
expectedOutputFile string
expectedError string
wantOutputFile string
wantError string
}{
// All of these cases should pass for either
// $ trivy <args>
@@ -37,21 +38,21 @@ func TestRun_WithDockerEngine(t *testing.T) {
{
name: "happy path, valid image path, alpine:3.10",
imageTag: "alpine:3.10",
expectedOutputFile: "testdata/alpine-310.json.golden",
wantOutputFile: "testdata/alpine-310.json.golden",
testfile: "testdata/fixtures/images/alpine-310.tar.gz",
},
{
name: "happy path, valid image path, with image subcommand, alpine:3.10",
withImageSubcommand: true,
imageTag: "alpine:3.10",
expectedOutputFile: "testdata/alpine-310.json.golden",
wantOutputFile: "testdata/alpine-310.json.golden",
testfile: "testdata/fixtures/images/alpine-310.tar.gz",
},
{
name: "happy path, valid image path, alpine:3.10, ignore unfixed",
ignoreUnfixed: true,
imageTag: "alpine:3.10",
expectedOutputFile: "testdata/alpine-310-ignore-unfixed.json.golden",
wantOutputFile: "testdata/alpine-310-ignore-unfixed.json.golden",
testfile: "testdata/fixtures/images/alpine-310.tar.gz",
},
{
@@ -59,51 +60,51 @@ func TestRun_WithDockerEngine(t *testing.T) {
ignoreUnfixed: true,
severity: []string{"MEDIUM", "HIGH"},
imageTag: "alpine:3.10",
expectedOutputFile: "testdata/alpine-310-medium-high.json.golden",
wantOutputFile: "testdata/alpine-310-medium-high.json.golden",
testfile: "testdata/fixtures/images/alpine-310.tar.gz",
},
{
name: "happy path, valid image path, alpine:3.10, with .trivyignore",
imageTag: "alpine:3.10",
ignoreIDs: []string{"CVE-2019-1549", "CVE-2019-1563"},
expectedOutputFile: "testdata/alpine-310-ignore-cveids.json.golden",
wantOutputFile: "testdata/alpine-310-ignore-cveids.json.golden",
testfile: "testdata/fixtures/images/alpine-310.tar.gz",
},
{
name: "happy path, valid image path, alpine:3.9",
imageTag: "alpine:3.9",
expectedOutputFile: "testdata/alpine-39.json.golden",
wantOutputFile: "testdata/alpine-39.json.golden",
testfile: "testdata/fixtures/images/alpine-39.tar.gz",
},
{
name: "happy path, valid image path, amazonlinux:1",
imageTag: "amazonlinux:1",
expectedOutputFile: "testdata/amazon-1.json.golden",
wantOutputFile: "testdata/amazon-1.json.golden",
testfile: "testdata/fixtures/images/amazon-1.tar.gz",
},
{
name: "happy path, valid image path, amazonlinux:2",
imageTag: "amazonlinux:2",
expectedOutputFile: "testdata/amazon-2.json.golden",
wantOutputFile: "testdata/amazon-2.json.golden",
testfile: "testdata/fixtures/images/amazon-2.tar.gz",
},
{
name: "happy path, valid image path, centos:6",
imageTag: "centos:6",
expectedOutputFile: "testdata/centos-6.json.golden",
wantOutputFile: "testdata/centos-6.json.golden",
testfile: "testdata/fixtures/images/centos-6.tar.gz",
},
{
name: "happy path, valid image path, centos:7",
imageTag: "centos:7",
expectedOutputFile: "testdata/centos-7.json.golden",
wantOutputFile: "testdata/centos-7.json.golden",
testfile: "testdata/fixtures/images/centos-7.tar.gz",
},
{
name: "happy path, valid image path, centos:7, with --ignore-unfixed option",
imageTag: "centos:7",
ignoreUnfixed: true,
expectedOutputFile: "testdata/centos-7-ignore-unfixed.json.golden",
wantOutputFile: "testdata/centos-7-ignore-unfixed.json.golden",
testfile: "testdata/fixtures/images/centos-7.tar.gz",
},
{
@@ -111,137 +112,137 @@ func TestRun_WithDockerEngine(t *testing.T) {
imageTag: "centos:7",
ignoreUnfixed: true,
severity: []string{"LOW", "HIGH"},
expectedOutputFile: "testdata/centos-7-low-high.json.golden",
wantOutputFile: "testdata/centos-7-low-high.json.golden",
testfile: "testdata/fixtures/images/centos-7.tar.gz",
},
{
name: "happy path, valid image path, debian:buster",
imageTag: "debian:buster",
expectedOutputFile: "testdata/debian-buster.json.golden",
wantOutputFile: "testdata/debian-buster.json.golden",
testfile: "testdata/fixtures/images/debian-buster.tar.gz",
},
{
name: "happy path, valid image path, debian:buster, with --ignore-unfixed option",
ignoreUnfixed: true,
imageTag: "debian:buster",
expectedOutputFile: "testdata/debian-buster-ignore-unfixed.json.golden",
wantOutputFile: "testdata/debian-buster-ignore-unfixed.json.golden",
testfile: "testdata/fixtures/images/debian-buster.tar.gz",
},
{
name: "happy path, valid image path, debian:stretch",
imageTag: "debian:stretch",
expectedOutputFile: "testdata/debian-stretch.json.golden",
wantOutputFile: "testdata/debian-stretch.json.golden",
testfile: "testdata/fixtures/images/debian-stretch.tar.gz",
},
{
name: "happy path, valid image path, distroless:base",
imageTag: "gcr.io/distroless/base:latest",
expectedOutputFile: "testdata/distroless-base.json.golden",
wantOutputFile: "testdata/distroless-base.json.golden",
testfile: "testdata/fixtures/images/distroless-base.tar.gz",
},
{
name: "happy path, valid image path, distroless:base",
imageTag: "gcr.io/distroless/base:latest",
expectedOutputFile: "testdata/distroless-base.json.golden",
wantOutputFile: "testdata/distroless-base.json.golden",
testfile: "testdata/fixtures/images/distroless-base.tar.gz",
},
{
name: "happy path, valid image path, distroless:base, with --ignore-unfixed option",
imageTag: "gcr.io/distroless/base:latest",
ignoreUnfixed: true,
expectedOutputFile: "testdata/distroless-base-ignore-unfixed.json.golden",
wantOutputFile: "testdata/distroless-base-ignore-unfixed.json.golden",
testfile: "testdata/fixtures/images/distroless-base.tar.gz",
},
{
name: "happy path, valid image path, distroless:python2.7",
imageTag: "gcr.io/distroless/python2.7:latest",
expectedOutputFile: "testdata/distroless-python27.json.golden",
wantOutputFile: "testdata/distroless-python27.json.golden",
testfile: "testdata/fixtures/images/distroless-python27.tar.gz",
},
{
name: "happy path, valid image path, oraclelinux:6-slim",
imageTag: "oraclelinux:6-slim",
expectedOutputFile: "testdata/oraclelinux-6-slim.json.golden",
wantOutputFile: "testdata/oraclelinux-6-slim.json.golden",
testfile: "testdata/fixtures/images/oraclelinux-6-slim.tar.gz",
},
{
name: "happy path, valid image path, oraclelinux:7-slim",
imageTag: "oraclelinux:7-slim",
expectedOutputFile: "testdata/oraclelinux-7-slim.json.golden",
wantOutputFile: "testdata/oraclelinux-7-slim.json.golden",
testfile: "testdata/fixtures/images/oraclelinux-7-slim.tar.gz",
},
{
name: "happy path, valid image path, oraclelinux:8-slim",
imageTag: "oraclelinux:8-slim",
expectedOutputFile: "testdata/oraclelinux-8-slim.json.golden",
wantOutputFile: "testdata/oraclelinux-8-slim.json.golden",
testfile: "testdata/fixtures/images/oraclelinux-8-slim.tar.gz",
},
{
name: "happy path, valid image path, ubuntu:16.04",
imageTag: "ubuntu:16.04",
expectedOutputFile: "testdata/ubuntu-1604.json.golden",
wantOutputFile: "testdata/ubuntu-1604.json.golden",
testfile: "testdata/fixtures/images/ubuntu-1604.tar.gz",
},
{
name: "happy path, valid image path, ubuntu:18.04",
imageTag: "ubuntu:18.04",
expectedOutputFile: "testdata/ubuntu-1804.json.golden",
wantOutputFile: "testdata/ubuntu-1804.json.golden",
testfile: "testdata/fixtures/images/ubuntu-1804.tar.gz",
},
{
name: "happy path, valid image path, ubuntu:18.04, with --ignore-unfixed option",
imageTag: "ubuntu:18.04",
ignoreUnfixed: true,
expectedOutputFile: "testdata/ubuntu-1804-ignore-unfixed.json.golden",
wantOutputFile: "testdata/ubuntu-1804-ignore-unfixed.json.golden",
testfile: "testdata/fixtures/images/ubuntu-1804.tar.gz",
},
{
name: "happy path, valid image path, registry.redhat.io/ubi7",
imageTag: "registry.redhat.io/ubi7",
expectedOutputFile: "testdata/ubi-7.json.golden",
wantOutputFile: "testdata/ubi-7.json.golden",
testfile: "testdata/fixtures/images/ubi-7.tar.gz",
},
{
name: "happy path, valid image path, opensuse leap 15.1",
imageTag: "opensuse/leap:latest",
expectedOutputFile: "testdata/opensuse-leap-151.json.golden",
wantOutputFile: "testdata/opensuse-leap-151.json.golden",
testfile: "testdata/fixtures/images/opensuse-leap-151.tar.gz",
},
{
name: "happy path, valid image path, opensuse leap 42.3",
imageTag: "opensuse/leap:42.3",
expectedOutputFile: "testdata/opensuse-leap-423.json.golden",
wantOutputFile: "testdata/opensuse-leap-423.json.golden",
testfile: "testdata/fixtures/images/opensuse-leap-423.tar.gz",
},
{
name: "happy path, valid image path, photon 1.0",
imageTag: "photon:1.0-20190823",
expectedOutputFile: "testdata/photon-10.json.golden",
wantOutputFile: "testdata/photon-10.json.golden",
testfile: "testdata/fixtures/images/photon-10.tar.gz",
},
{
name: "happy path, valid image path, photon 2.0",
imageTag: "photon:2.0-20190726",
expectedOutputFile: "testdata/photon-20.json.golden",
wantOutputFile: "testdata/photon-20.json.golden",
testfile: "testdata/fixtures/images/photon-20.tar.gz",
},
{
name: "happy path, valid image path, photon 3.0",
imageTag: "photon:3.0-20190823",
expectedOutputFile: "testdata/photon-30.json.golden",
wantOutputFile: "testdata/photon-30.json.golden",
testfile: "testdata/fixtures/images/photon-30.tar.gz",
},
{
name: "buxybox with Cargo.lock integration",
imageTag: "busy-cargo:latest",
expectedOutputFile: "testdata/busybox-with-lockfile.json.golden",
wantOutputFile: "testdata/busybox-with-lockfile.json.golden",
testfile: "testdata/fixtures/images/busybox-with-lockfile.tar.gz",
},
{
name: "sad path, invalid image",
invalidImage: true,
testfile: "badimage:latest",
expectedError: "unable to inspect the image (index.docker.io/library/badimage:latest)",
wantError: "unable to inspect the image (index.docker.io/library/badimage:latest)",
},
}
@@ -276,9 +277,8 @@ func TestRun_WithDockerEngine(t *testing.T) {
require.NoError(t, err, tc.name)
}
of, err := os.CreateTemp("", "integration-docker-engine-output-file-*")
require.NoError(t, err, tc.name)
defer os.Remove(of.Name())
tmpDir := t.TempDir()
output := filepath.Join(tmpDir, "result.json")
// run trivy
app := commands.NewApp("dev")
@@ -288,7 +288,7 @@ func TestRun_WithDockerEngine(t *testing.T) {
trivyArgs = append(trivyArgs, "image")
}
trivyArgs = append(trivyArgs, []string{"--skip-update", "--format=json", "--output", of.Name()}...)
trivyArgs = append(trivyArgs, []string{"--skip-update", "--format=json", "--output", output}...)
if tc.ignoreUnfixed {
trivyArgs = append(trivyArgs, "--ignore-unfixed")
@@ -308,20 +308,18 @@ func TestRun_WithDockerEngine(t *testing.T) {
err = app.Run(trivyArgs)
switch {
case tc.expectedError != "":
case tc.wantError != "":
require.NotNil(t, err)
assert.Contains(t, err.Error(), tc.expectedError, tc.name)
assert.Contains(t, err.Error(), tc.wantError, tc.name)
return
default:
assert.NoError(t, err, tc.name)
}
// check for vulnerability output info
got, err := io.ReadAll(of)
assert.NoError(t, err, tc.name)
want, err := os.ReadFile(tc.expectedOutputFile)
assert.NoError(t, err, tc.name)
assert.JSONEq(t, string(want), string(got), tc.name)
got := readReport(t, output)
want := readReport(t, tc.wantOutputFile)
assert.Equal(t, want, got)
// cleanup
_, err = cli.ImageRemove(ctx, tc.testfile, types.ImageRemoveOptions{

18
integration/fs_test.go
View File

@@ -6,11 +6,11 @@ package integration
import (
"io"
"os"
"path/filepath"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/aquasecurity/trivy/pkg/commands"
)
@@ -118,15 +118,9 @@ func TestFilesystem(t *testing.T) {
}
// Setup the output file
var outputFile string
outputFile := filepath.Join(t.TempDir(), "output.json")
if *update {
outputFile = tt.golden
} else {
output, err := os.CreateTemp("", "integration")
require.NoError(t, err)
assert.Nil(t, output.Close())
defer os.Remove(output.Name())
outputFile = output.Name()
}
osArgs = append(osArgs, "--output", outputFile)
@@ -140,12 +134,10 @@ func TestFilesystem(t *testing.T) {
assert.Nil(t, app.Run(osArgs))
// Compare want and got
want, err := os.ReadFile(tt.golden)
assert.NoError(t, err)
got, err := os.ReadFile(outputFile)
assert.NoError(t, err)
want := readReport(t, tt.golden)
got := readReport(t, outputFile)
assert.JSONEq(t, string(want), string(got))
assert.Equal(t, want, got)
})
}
}

28
integration/integration_test.go
View File

@@ -15,9 +15,11 @@ import (
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/aquasecurity/trivy-db/pkg/db"
"github.com/aquasecurity/trivy/pkg/report"
)
var update = flag.Bool("update", false, "update golden files")
@@ -85,3 +87,29 @@ func waitPort(ctx context.Context, addr string) error {
}
}
}
func readReport(t *testing.T, filePath string) report.Report {
t.Helper()
f, err := os.Open(filePath)
require.NoError(t, err, filePath)
defer f.Close()
var res report.Report
err = json.NewDecoder(f).Decode(&res)
require.NoError(t, err, filePath)
// We don't compare history because the nano-seconds in "created" don't match
res.Metadata.ImageConfig.History = nil
// We don't compare repo tags because the archive doesn't support it
res.Metadata.RepoTags = nil
return res
}
func compareReports(t *testing.T, wantFile, gotFile string) {
want := readReport(t, wantFile)
got := readReport(t, gotFile)
assert.Equal(t, want, got)
}

88
integration/registry_test.go
View File

@@ -26,7 +26,6 @@ import (
_ "github.com/aquasecurity/fanal/analyzer"
testdocker "github.com/aquasecurity/trivy/integration/docker"
"github.com/aquasecurity/trivy/pkg/commands"
"github.com/aquasecurity/trivy/pkg/report"
)
const (
@@ -193,7 +192,7 @@ func TestRegistry(t *testing.T) {
require.NoError(t, err)
// 2. Scan it
resultFile, cleanup, err := scan(t, imageRef, baseDir, tc.golden, tc.option)
resultFile, err := scan(t, imageRef, baseDir, tc.golden, tc.option)
if tc.wantErr != "" {
require.NotNil(t, err)
@@ -202,57 +201,40 @@ func TestRegistry(t *testing.T) {
} else {
require.NoError(t, err)
}
defer cleanup()
// 3. Compare want and got
golden, err := os.Open(tc.golden)
assert.NoError(t, err)
// 3. Read want and got
want := readReport(t, tc.golden)
got := readReport(t, resultFile)
var want report.Results
err = json.NewDecoder(golden).Decode(&want)
require.NoError(t, err)
// 4 Update some dynamic fields
want.ArtifactName = s
for i := range want.Results {
want.Results[i].Target = fmt.Sprintf("%s (alpine 3.10.2)", s)
}
want.Metadata.RepoDigests = []string{
fmt.Sprintf("%s/alpine@sha256:acd3ca9941a85e8ed16515bfc5328e4e2f8c128caa72959a58a127b7801ee01f", registryURL.Host),
}
result, err := os.Open(resultFile)
assert.NoError(t, err)
var got report.Results
err = json.NewDecoder(result).Decode(&got)
require.NoError(t, err)
assert.Equal(t, want[0].Vulnerabilities, got[0].Vulnerabilities)
assert.Equal(t, want[0].Vulnerabilities, got[0].Vulnerabilities)
// 5. Compare want and got
assert.Equal(t, want, got)
})
}
}
func scan(t *testing.T, imageRef name.Reference, baseDir, goldenFile string, opt registryOption) (string, func(), error) {
cleanup := func() {}
func scan(t *testing.T, imageRef name.Reference, baseDir, goldenFile string, opt registryOption) (string, error) {
// Set up testing DB
cacheDir := gunzipDB(t)
// Setup the output file
var outputFile string
if *update && goldenFile != "" {
outputFile := filepath.Join(t.TempDir(), "output.json")
if *update {
outputFile = goldenFile
} else {
output, err := os.CreateTemp("", "integration")
if err != nil {
return "", cleanup, err
}
defer output.Close()
outputFile = output.Name()
cleanup = func() {
os.Remove(outputFile)
}
}
// Setup env
if err := setupEnv(imageRef, baseDir, opt); err != nil {
return "", cleanup, err
if err := setupEnv(t, imageRef, baseDir, opt); err != nil {
return "", err
}
defer unsetEnv()
// Setup CLI App
app := commands.NewApp("dev")
@@ -262,15 +244,13 @@ func scan(t *testing.T, imageRef name.Reference, baseDir, goldenFile string, opt
// Run Trivy
if err := app.Run(osArgs); err != nil {
return "", cleanup, err
return "", err
}
return outputFile, cleanup, nil
return outputFile, nil
}
func setupEnv(imageRef name.Reference, baseDir string, opt registryOption) error {
if err := os.Setenv("TRIVY_INSECURE", "true"); err != nil {
return err
}
func setupEnv(t *testing.T, imageRef name.Reference, baseDir string, opt registryOption) error {
t.Setenv("TRIVY_INSECURE", "true")
if opt.Username != "" && opt.Password != "" {
if opt.RegistryToken {
@@ -279,26 +259,10 @@ func setupEnv(imageRef name.Reference, baseDir string, opt registryOption) error
if err != nil {
return err
}
if err := os.Setenv("TRIVY_REGISTRY_TOKEN", token); err != nil {
return err
}
t.Setenv("TRIVY_REGISTRY_TOKEN", token)
} else {
if err := os.Setenv("TRIVY_USERNAME", opt.Username); err != nil {
return err
}
if err := os.Setenv("TRIVY_PASSWORD", opt.Password); err != nil {
return err
}
}
}
return nil
}
func unsetEnv() error {
envs := []string{"TRIVY_INSECURE", "TRIVY_USERNAME", "TRIVY_PASSWORD", "TRIVY_REGISTRY_TOKEN"}
for _, e := range envs {
if err := os.Unsetenv(e); err != nil {
return err
t.Setenv("TRIVY_USERNAME", opt.Username)
t.Setenv("TRIVY_PASSWORD", opt.Password)
}
}
return nil

16
integration/standalone_tar_test.go
View File

@@ -6,6 +6,7 @@ package integration
import (
"io"
"os"
"path/filepath"
"strings"
"testing"
@@ -381,7 +382,6 @@ func TestRun_WithTar(t *testing.T) {
for _, c := range cases {
t.Run(c.name, func(t *testing.T) {
osArgs := []string{"trivy"}
osArgs = append(osArgs, "--cache-dir", cacheDir)
if c.testArgs.WithImageSubcommand {
@@ -423,14 +423,9 @@ func TestRun_WithTar(t *testing.T) {
}
// Setup the output file
var outputFile string
outputFile := filepath.Join(t.TempDir(), "output.json")
if *update {
outputFile = c.golden
} else {
output, _ := os.CreateTemp("", "integration")
assert.Nil(t, output.Close())
defer os.Remove(output.Name())
outputFile = output.Name()
}
osArgs = append(osArgs, []string{"--output", outputFile}...)
@@ -439,12 +434,7 @@ func TestRun_WithTar(t *testing.T) {
assert.Nil(t, app.Run(osArgs))
// Compare want and got
want, err := os.ReadFile(c.golden)
assert.NoError(t, err)
got, err := os.ReadFile(outputFile)
assert.NoError(t, err)
assert.JSONEq(t, string(want), string(got))
compareReports(t, c.golden, outputFile)
})
}
}

54
integration/testdata/alpine-310-ignore-cveids.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.10.2",
"EOSL": true
},
"ImageID": "sha256:961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4",
"DiffIDs": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"ImageConfig": {
"architecture": "amd64",
"container": "0a80155a31551fcc1a36fccbbda79fcd3f0b1c7d270653d00310e6e2217c57e6",
"created": "2019-08-20T20:19:55.211423266Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-20T20:19:55.062606894Z",
"created_by": "/bin/sh -c #(nop) ADD file:fe64057fbb83dccb960efabbf1cd8777920ef279a7fa8dbca0a8801c651bdf7c in / "
},
{
"created": "2019-08-20T20:19:55.211423266Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:06f4121dff4d0123ce11bd2e44f48da9ba9ddcd23ae376ea1f363f63ea0849b5",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)",
"Class": "os-pkgs",
@@ -170,4 +219,5 @@
}
]
}
]
]
}

54
integration/testdata/alpine-310-ignore-unfixed.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.10.2",
"EOSL": true
},
"ImageID": "sha256:961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4",
"DiffIDs": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"ImageConfig": {
"architecture": "amd64",
"container": "0a80155a31551fcc1a36fccbbda79fcd3f0b1c7d270653d00310e6e2217c57e6",
"created": "2019-08-20T20:19:55.211423266Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-20T20:19:55.062606894Z",
"created_by": "/bin/sh -c #(nop) ADD file:fe64057fbb83dccb960efabbf1cd8777920ef279a7fa8dbca0a8801c651bdf7c in / "
},
{
"created": "2019-08-20T20:19:55.211423266Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:06f4121dff4d0123ce11bd2e44f48da9ba9ddcd23ae376ea1f363f63ea0849b5",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)",
"Class": "os-pkgs",
@@ -322,4 +371,5 @@
}
]
}
]
]
}

54
integration/testdata/alpine-310-medium-high.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.10.2",
"EOSL": true
},
"ImageID": "sha256:961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4",
"DiffIDs": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"ImageConfig": {
"architecture": "amd64",
"container": "0a80155a31551fcc1a36fccbbda79fcd3f0b1c7d270653d00310e6e2217c57e6",
"created": "2019-08-20T20:19:55.211423266Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-20T20:19:55.062606894Z",
"created_by": "/bin/sh -c #(nop) ADD file:fe64057fbb83dccb960efabbf1cd8777920ef279a7fa8dbca0a8801c651bdf7c in / "
},
{
"created": "2019-08-20T20:19:55.211423266Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:06f4121dff4d0123ce11bd2e44f48da9ba9ddcd23ae376ea1f363f63ea0849b5",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)",
"Class": "os-pkgs",
@@ -242,4 +291,5 @@
}
]
}
]
]
}

56
integration/testdata/alpine-310-registry.json.golden vendored
View File

@@ -1,6 +1,55 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.10.2",
"EOSL": true
},
"ImageID": "sha256:961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4",
"DiffIDs": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"ImageConfig": {
"architecture": "amd64",
"container": "0a80155a31551fcc1a36fccbbda79fcd3f0b1c7d270653d00310e6e2217c57e6",
"created": "2019-08-20T20:19:55.211423266Z",
"docker_version": "18.06.1-ce",
"history": [
{
"Target": "localhost:32779/alpine:3.10 (alpine 3.10.2)",
"created": "2019-08-20T20:19:55.062606894Z",
"created_by": "/bin/sh -c #(nop) ADD file:fe64057fbb83dccb960efabbf1cd8777920ef279a7fa8dbca0a8801c651bdf7c in / "
},
{
"created": "2019-08-20T20:19:55.211423266Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:06f4121dff4d0123ce11bd2e44f48da9ba9ddcd23ae376ea1f363f63ea0849b5",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)",
"Class": "os-pkgs",
"Type": "alpine",
"Vulnerabilities": [
@@ -330,4 +379,5 @@
}
]
}
]
]
}

54
integration/testdata/alpine-310.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.10.2",
"EOSL": true
},
"ImageID": "sha256:961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4",
"DiffIDs": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"ImageConfig": {
"architecture": "amd64",
"container": "0a80155a31551fcc1a36fccbbda79fcd3f0b1c7d270653d00310e6e2217c57e6",
"created": "2019-08-20T20:19:55.211423266Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-20T20:19:55.062606894Z",
"created_by": "/bin/sh -c #(nop) ADD file:fe64057fbb83dccb960efabbf1cd8777920ef279a7fa8dbca0a8801c651bdf7c in / "
},
{
"created": "2019-08-20T20:19:55.211423266Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:06f4121dff4d0123ce11bd2e44f48da9ba9ddcd23ae376ea1f363f63ea0849b5",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)",
"Class": "os-pkgs",
@@ -322,4 +371,5 @@
}
]
}
]
]
}

54
integration/testdata/alpine-39.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/alpine-39.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "alpine",
"Name": "3.9.4",
"EOSL": true
},
"ImageID": "sha256:055936d3920576da37aa9bc460d70c5f212028bda1c08c0879aedf03d7a66ea1",
"DiffIDs": [
"sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"
],
"ImageConfig": {
"architecture": "amd64",
"container": "c10d36fa368a7ea673683682666758adf35efe98e10989505f4f566b5b18538f",
"created": "2019-05-11T00:07:03.510395965Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-05-11T00:07:03.358250803Z",
"created_by": "/bin/sh -c #(nop) ADD file:a86aea1f3a7d68f6ae03397b99ea77f2e9ee901c5c59e59f76f93adbb4035913 in / "
},
{
"created": "2019-05-11T00:07:03.510395965Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81"
]
},
"config": {
"Cmd": [
"/bin/sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:09f2bbe58e774849d74dc1391c2e01731896c745c4aba1ecf69a283bdb4b537a",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/alpine-39.tar.gz (alpine 3.9.4)",
"Class": "os-pkgs",
@@ -382,4 +431,5 @@
}
]
}
]
]
}

53
integration/testdata/amazon-1.json.golden vendored
View File

@@ -1,4 +1,52 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/amazon-1.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "amazon",
"Name": "AMI release 2018.03"
},
"ImageID": "sha256:961c4ee06269351d858969ea0426878675ed708d3a140246eabbc0bfc352bffa",
"DiffIDs": [
"sha256:984fe1509738f6f00f34d9be7398b07ebeb8b98dda077ff6be2cdb87111b73cf"
],
"ImageConfig": {
"architecture": "amd64",
"container": "ef1b126795001e9b4bdc14a01180e4d8146282d279f53e05adfaa8195ecda20e",
"created": "2019-09-05T23:37:46.854286502Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-09-05T23:37:46.575366692Z",
"created_by": "/bin/sh -c #(nop) ADD file:45ed06ba8960dec70e01e809fe38df2718d4b16aa2b0f88835522d8366de71e3 in / "
},
{
"created": "2019-09-05T23:37:46.854286502Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:984fe1509738f6f00f34d9be7398b07ebeb8b98dda077ff6be2cdb87111b73cf"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:8db654f611aca1693ac658bd981ee35e4b6517e6ef74fa608c4b3b3595a986c8",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/amazon-1.tar.gz (amazon AMI release 2018.03)",
"Class": "os-pkgs",
@@ -667,4 +715,5 @@
}
]
}
]
]
}

53
integration/testdata/amazon-2.json.golden vendored
View File

@@ -1,4 +1,52 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/amazon-2.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "amazon",
"Name": "2 (Karoo)"
},
"ImageID": "sha256:b94321659aca6a89cb7650a5b864bc8ec4bf62c620b8f1a01530c2e90a88c391",
"DiffIDs": [
"sha256:f387c8b346c85cae37abd1f1a63015acb69f593dc425d0269f57d1012c3a81f6"
],
"ImageConfig": {
"architecture": "amd64",
"container": "e020a5508b9f809b29659128692cd634e3d4fba3f2c13d2029d797317b5c3a56",
"created": "2019-05-23T22:20:00.121624838Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-05-23T22:19:59.161963646Z",
"created_by": "/bin/sh -c #(nop) ADD file:3cf811fe5073384ff1d5f405992ef7e5e452ad6d4a4cb873eee65007382f3a4a in / "
},
{
"created": "2019-05-23T22:20:00.121624838Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f387c8b346c85cae37abd1f1a63015acb69f593dc425d0269f57d1012c3a81f6"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:648b8b37f8b5087423bec7f4331271253f8aff63154761a67c22cd0c3ba2661b",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/amazon-2.tar.gz (amazon 2 (Karoo))",
"Class": "os-pkgs",
@@ -3506,4 +3554,5 @@
}
]
}
]
]
}

54
integration/testdata/busybox-with-lockfile.json.golden vendored
View File

@@ -1,4 +1,53 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/busybox-with-lockfile.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"ImageID": "sha256:17c82adee8b5ffec7d6e30dba333bb37986add86afeb4a07754407bb049faedb",
"DiffIDs": [
"sha256:a6d503001157aedc826853f9b67f26d35966221b158bff03849868ae4a821116",
"sha256:ea6f6933da66090da8bfe233d68f083792a68f944cd2d8f9fbb52da795813a4f"
],
"ImageConfig": {
"architecture": "amd64",
"created": "2020-04-26T16:23:28.996276377Z",
"docker_version": "19.03.8",
"history": [
{
"created": "2020-03-10T00:19:32.83969331Z",
"created_by": "/bin/sh -c #(nop) ADD file:450bea8cddb743ed282cb1ade3d1614033172b93ef531c69a4e49fda3016cef0 in / "
},
{
"created": "2020-03-10T00:19:33.019716493Z",
"created_by": "/bin/sh -c #(nop) CMD [\"sh\"]",
"empty_layer": true
},
{
"created": "2020-04-26T16:23:28.996276377Z",
"created_by": "/bin/sh -c #(nop) ADD 343df0159abcc51b06b4e56bfd4c06d2003b88947ed93b0cec6214ae5985669e in . "
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:a6d503001157aedc826853f9b67f26d35966221b158bff03849868ae4a821116",
"sha256:ea6f6933da66090da8bfe233d68f083792a68f944cd2d8f9fbb52da795813a4f"
]
},
"config": {
"Cmd": [
"sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:83aa35aa1c79e4b6957e018da6e322bfca92bf3b4696a211b42502543c242d6f",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "Cargo.lock",
"Class": "lang-pkgs",
@@ -133,4 +182,5 @@
}
]
}
]
]
}

76
integration/testdata/centos-6.json.golden vendored
View File

@@ -1,4 +1,75 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/centos-6.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "centos",
"Name": "6.10",
"EOSL": true
},
"ImageID": "sha256:d0957ffdf8a2ea8c8925903862b65a1b6850dbb019f88d45e927d3d5a3fa0c31",
"DiffIDs": [
"sha256:af6bf1987c2eb07d73f33836b0d8fd825d7c785273526b077e46780e8b4b2ae9"
],
"ImageConfig": {
"architecture": "amd64",
"author": "https://github.com/CentOS/sig-cloud-instance-images",
"container": "d519f3e5c41d16388d3fba0dac626427b21deb98cce150dee80c180b9baf9435",
"created": "2019-03-14T21:20:11.486358099Z",
"docker_version": "18.06.1-ce",
"history": [
{
"author": "https://github.com/CentOS/sig-cloud-instance-images",
"created": "2018-10-09T18:20:03.816986835Z",
"created_by": "/bin/sh -c #(nop) MAINTAINER https://github.com/CentOS/sig-cloud-instance-images",
"empty_layer": true
},
{
"author": "https://github.com/CentOS/sig-cloud-instance-images",
"created": "2019-03-14T21:20:10.936939354Z",
"created_by": "/bin/sh -c #(nop) ADD file:0065316a41144e95bcb133567cc86816b8368a823cc067d741e06ded59849fd8 in / "
},
{
"author": "https://github.com/CentOS/sig-cloud-instance-images",
"created": "2019-03-14T21:20:11.322700622Z",
"created_by": "/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20181006",
"empty_layer": true
},
{
"author": "https://github.com/CentOS/sig-cloud-instance-images",
"created": "2019-03-14T21:20:11.486358099Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:af6bf1987c2eb07d73f33836b0d8fd825d7c785273526b077e46780e8b4b2ae9"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:143abcd43bce45f4fd9ba51c7361051d7ea9e9e1eadb66e5c94a9c1b7754524f",
"Labels": {
"org.label-schema.build-date": "20181006",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/centos-6.tar.gz (centos 6.10)",
"Class": "os-pkgs",
@@ -27249,4 +27320,5 @@
}
]
}
]
]
}

65
integration/testdata/centos-7-ignore-unfixed.json.golden vendored
View File

@@ -1,4 +1,64 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/centos-7.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "centos",
"Name": "7.6.1810"
},
"ImageID": "sha256:9f38484d220fa527b1fb19747638497179500a1bed8bf0498eb788229229e6e1",
"DiffIDs": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
],
"ImageConfig": {
"architecture": "amd64",
"container": "958baf5225f586da9c70a21e911a0a875402dd22d83133d78b3b3aa6130e7892",
"created": "2019-03-14T21:19:53.361167852Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-03-14T21:19:52.66982152Z",
"created_by": "/bin/sh -c #(nop) ADD file:074f2c974463ab38cf3532134e8ba2c91c9e346457713f2e8b8e2ac0ee9fd83d in / "
},
{
"created": "2019-03-14T21:19:53.099141434Z",
"created_by": "/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20190305",
"empty_layer": true
},
{
"created": "2019-03-14T21:19:53.361167852Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:294e8d8145287e70f07328cc09d840fad8980b801223321b983442f097aff0d8",
"Labels": {
"org.label-schema.build-date": "20190305",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)",
"Class": "os-pkgs",
@@ -4666,4 +4726,5 @@
}
]
}
]
]
}

65
integration/testdata/centos-7-low-high.json.golden vendored
View File

@@ -1,4 +1,64 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/centos-7.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "centos",
"Name": "7.6.1810"
},
"ImageID": "sha256:9f38484d220fa527b1fb19747638497179500a1bed8bf0498eb788229229e6e1",
"DiffIDs": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
],
"ImageConfig": {
"architecture": "amd64",
"container": "958baf5225f586da9c70a21e911a0a875402dd22d83133d78b3b3aa6130e7892",
"created": "2019-03-14T21:19:53.361167852Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-03-14T21:19:52.66982152Z",
"created_by": "/bin/sh -c #(nop) ADD file:074f2c974463ab38cf3532134e8ba2c91c9e346457713f2e8b8e2ac0ee9fd83d in / "
},
{
"created": "2019-03-14T21:19:53.099141434Z",
"created_by": "/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20190305",
"empty_layer": true
},
{
"created": "2019-03-14T21:19:53.361167852Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:294e8d8145287e70f07328cc09d840fad8980b801223321b983442f097aff0d8",
"Labels": {
"org.label-schema.build-date": "20190305",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)",
"Class": "os-pkgs",
@@ -2524,4 +2584,5 @@
}
]
}
]
]
}

65
integration/testdata/centos-7.json.golden vendored
View File

@@ -1,4 +1,64 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/centos-7.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "centos",
"Name": "7.6.1810"
},
"ImageID": "sha256:9f38484d220fa527b1fb19747638497179500a1bed8bf0498eb788229229e6e1",
"DiffIDs": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
],
"ImageConfig": {
"architecture": "amd64",
"container": "958baf5225f586da9c70a21e911a0a875402dd22d83133d78b3b3aa6130e7892",
"created": "2019-03-14T21:19:53.361167852Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-03-14T21:19:52.66982152Z",
"created_by": "/bin/sh -c #(nop) ADD file:074f2c974463ab38cf3532134e8ba2c91c9e346457713f2e8b8e2ac0ee9fd83d in / "
},
{
"created": "2019-03-14T21:19:53.099141434Z",
"created_by": "/bin/sh -c #(nop) LABEL org.label-schema.schema-version=1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20190305",
"empty_layer": true
},
{
"created": "2019-03-14T21:19:53.361167852Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:d69483a6face4499acb974449d1303591fcbb5cdce5420f36f8a6607bda11854"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:294e8d8145287e70f07328cc09d840fad8980b801223321b983442f097aff0d8",
"Labels": {
"org.label-schema.build-date": "20190305",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/centos-7.tar.gz (centos 7.6.1810)",
"Class": "os-pkgs",
@@ -29334,4 +29394,5 @@
}
]
}
]
]
}

53
integration/testdata/debian-buster-ignore-unfixed.json.golden vendored
View File

@@ -1,4 +1,52 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "10.1"
},
"ImageID": "sha256:c2c03a296d2329a4f3ab72a7bf38b78a8a80108204d326b0139d6af700e152d1",
"DiffIDs": [
"sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
],
"ImageConfig": {
"architecture": "amd64",
"container": "cbb6a20ddb7dedfeee41aeb21e9780f14afbb0f47a6b1ffa514a1822f45d0a51",
"created": "2019-09-11T23:21:51.562946709Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-09-11T23:21:51.123609274Z",
"created_by": "/bin/sh -c #(nop) ADD file:770e381defc5e4a0ba5df52265a96494b9f5d94309234cb3f7bc6b00e1d18f9a in / "
},
{
"created": "2019-09-11T23:21:51.562946709Z",
"created_by": "/bin/sh -c #(nop) CMD [\"bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
]
},
"config": {
"Cmd": [
"bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:5519bb349f72eef81944da56843c995b1b81ed67c8e7e48ac29dd6c543c1dd2d",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)",
"Class": "os-pkgs",
@@ -725,4 +773,5 @@
}
]
}
]
]
}

53
integration/testdata/debian-buster.json.golden vendored
View File

@@ -1,4 +1,52 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "10.1"
},
"ImageID": "sha256:c2c03a296d2329a4f3ab72a7bf38b78a8a80108204d326b0139d6af700e152d1",
"DiffIDs": [
"sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
],
"ImageConfig": {
"architecture": "amd64",
"container": "cbb6a20ddb7dedfeee41aeb21e9780f14afbb0f47a6b1ffa514a1822f45d0a51",
"created": "2019-09-11T23:21:51.562946709Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-09-11T23:21:51.123609274Z",
"created_by": "/bin/sh -c #(nop) ADD file:770e381defc5e4a0ba5df52265a96494b9f5d94309234cb3f7bc6b00e1d18f9a in / "
},
{
"created": "2019-09-11T23:21:51.562946709Z",
"created_by": "/bin/sh -c #(nop) CMD [\"bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:78c1b9419976227e05be9d243b7fa583bea44a5258e52018b2af4cdfe23d148d"
]
},
"config": {
"Cmd": [
"bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:5519bb349f72eef81944da56843c995b1b81ed67c8e7e48ac29dd6c543c1dd2d",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/debian-buster.tar.gz (debian 10.1)",
"Class": "os-pkgs",
@@ -3257,4 +3305,5 @@
}
]
}
]
]
}

53
integration/testdata/debian-stretch.json.golden vendored
View File

@@ -1,4 +1,52 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/debian-stretch.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "9.9"
},
"ImageID": "sha256:f26939cc87ef44a6fc554eedd0a976ab30b5bc2769d65d2e986b6c5f1fd4053d",
"DiffIDs": [
"sha256:f73e7e79899a33b4b9b78da62efb71520844f8dd518f3c390e27bc3063bce307"
],
"ImageConfig": {
"architecture": "amd64",
"container": "957bc0b73d29f0e1030fec9c63f81d3e81baa610cffcc9c574b14fee6d1821ae",
"created": "2019-08-14T00:24:45.872523599Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-14T00:24:45.612796997Z",
"created_by": "/bin/sh -c #(nop) ADD file:b9b24bd862a79bf6c6e79daf6babca27245063eb52a2f72ffc4fc3494ddd3d48 in / "
},
{
"created": "2019-08-14T00:24:45.872523599Z",
"created_by": "/bin/sh -c #(nop) CMD [\"bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f73e7e79899a33b4b9b78da62efb71520844f8dd518f3c390e27bc3063bce307"
]
},
"config": {
"Cmd": [
"bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:2ce0e924e5d43d66387e476478ce3c857b1eaae74b5c74693ed47b3502bbdc3e",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/debian-stretch.tar.gz (debian 9.9)",
"Class": "os-pkgs",
@@ -5772,4 +5820,5 @@
}
]
}
]
]
}

51
integration/testdata/distroless-base-ignore-unfixed.json.golden vendored
View File

@@ -1,4 +1,50 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/distroless-base.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "9.9"
},
"ImageID": "sha256:7f04a8d247173b1f2546d22913af637bbab4e7411e00ae6207da8d94c445750d",
"DiffIDs": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"history": [
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
},
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"
]
},
"config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt"
]
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/distroless-base.tar.gz (debian 9.9)",
"Class": "os-pkgs",
@@ -84,4 +130,5 @@
}
]
}
]
]
}

51
integration/testdata/distroless-base.json.golden vendored
View File

@@ -1,4 +1,50 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/distroless-base.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "9.9"
},
"ImageID": "sha256:7f04a8d247173b1f2546d22913af637bbab4e7411e00ae6207da8d94c445750d",
"DiffIDs": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"history": [
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
},
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5"
]
},
"config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt"
]
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/distroless-base.tar.gz (debian 9.9)",
"Class": "os-pkgs",
@@ -1096,4 +1142,5 @@
}
]
}
]
]
}

68
integration/testdata/distroless-python27.json.golden vendored
View File

@@ -1,4 +1,67 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/distroless-python27.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "9.9"
},
"ImageID": "sha256:6fcac2cc8a710f21577b5bbd534e0bfc841c0cca569b57182ba19054696cddda",
"DiffIDs": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5",
"sha256:6189abe095d53c1c9f2bfc8f50128ee876b9a5d10f9eda1564e5f5357d6ffe61",
"sha256:e92caab8efcf25a24bea5213ab7e54d4a5f5f08644836bb2d296070b1ae1044e"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"history": [
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
},
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
},
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
},
{
"author": "Bazel",
"created": "1970-01-01T00:00:00Z",
"created_by": "bazel build ..."
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02",
"sha256:dffd9992ca398466a663c87c92cfea2a2db0ae0cf33fcb99da60eec52addbfc5",
"sha256:6189abe095d53c1c9f2bfc8f50128ee876b9a5d10f9eda1564e5f5357d6ffe61",
"sha256:e92caab8efcf25a24bea5213ab7e54d4a5f5f08644836bb2d296070b1ae1044e"
]
},
"config": {
"Entrypoint": [
"/usr/bin/python2.7"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt"
]
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/distroless-python27.tar.gz (debian 9.9)",
"Class": "os-pkgs",
@@ -4021,4 +4084,5 @@
}
]
}
]
]
}

21
integration/testdata/dockerfile-custom-policies.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/custom-policy",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "Dockerfile",
"Class": "config",
@@ -37,4 +53,5 @@
}
]
}
]
]
}

21
integration/testdata/dockerfile-namespace-exception.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/namespace-exception",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "Dockerfile",
"Class": "config",
@@ -9,4 +25,5 @@
"Exceptions": 1
}
}
]
]
}

21
integration/testdata/dockerfile-rule-exception.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/rule-exception",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "Dockerfile",
"Class": "config",
@@ -9,4 +25,5 @@
"Exceptions": 1
}
}
]
]
}

21
integration/testdata/dockerfile.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/dockerfile",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "Dockerfile",
"Class": "config",
@@ -31,4 +47,5 @@
}
]
}
]
]
}

106
integration/testdata/fluentd-multiple-lockfiles.json.golden vendored
View File

@@ -1,4 +1,105 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/fluentd-multiple-lockfiles.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "debian",
"Name": "10.2"
},
"ImageID": "sha256:5a992077baba51b97f27591a10d54d2f2723dc9c81a3fe419e261023f2554933",
"DiffIDs": [
"sha256:831c5620387fb9efec59fc82a42b948546c6be601e3ab34a87108ecf852aa15f",
"sha256:02874b2b269dea8dde0f7edb4c9906904dfe38a09de1a214f20c650cfb15c60e",
"sha256:3752e1f6fd759c795c13aff2c93c081529366e27635ba6621e849b0f9cfc77f0",
"sha256:75e43d55939745950bc3f8fad56c5834617c4339f0f54755e69a0dd5372624e9",
"sha256:788c00e2cfc8f2a018ae4344ccf0b2c226ebd756d7effd1ce50eea1a4252cd89",
"sha256:25165eb51d15842f870f97873e0a58409d5e860e6108e3dd829bd10e484c0065"
],
"ImageConfig": {
"architecture": "amd64",
"container": "232f3fc7ddffd71dc3ff52c6c0c3a5feea2f51acffd9b53850a8fc6f1a15319a",
"created": "2020-03-04T13:59:39.161374106Z",
"docker_version": "19.03.4",
"history": [
{
"created": "2019-11-22T14:55:09.912242636Z",
"created_by": "/bin/sh -c #(nop) ADD file:bc8179c87c8dbb3d962bed1801f99e7c860ff03797cde6ad19b107d43b973ada in / "
},
{
"created": "2019-11-22T14:55:10.253859615Z",
"created_by": "/bin/sh -c #(nop) CMD [\"bash\"]",
"empty_layer": true
},
{
"created": "2020-03-04T13:58:17.973854594Z",
"created_by": "/bin/sh -c #(nop) ARG DEBIAN_FRONTEND=noninteractive",
"empty_layer": true
},
{
"created": "2020-03-04T13:58:18.12120844Z",
"created_by": "/bin/sh -c #(nop) COPY file:4e7fdb1bc31a0f689d88f6af28d4f0352e89a2ac598c523e9637da3de75bfada in /tmp/install.sh "
},
{
"created": "2020-03-04T13:58:18.26894021Z",
"created_by": "/bin/sh -c #(nop) COPY file:c03560fcb4f0aff4cecd93039c348ba4992564740c77e3d6049a44fe79ca44ab in /Gemfile "
},
{
"created": "2020-03-04T13:59:37.96119583Z",
"created_by": "|1 DEBIAN_FRONTEND=noninteractive /bin/sh -c chmod +x /tmp/install.sh \u0026\u0026 /bin/bash -l -c /tmp/install.sh \u0026\u0026 rm /tmp/*"
},
{
"created": "2020-03-04T13:59:38.583719926Z",
"created_by": "/bin/sh -c #(nop) COPY file:f742fdea941d5baccbf9a9c45ccc9cd943377f3c3e07da787a8d8d9f92a8b3d3 in /etc/fluent/fluent.conf "
},
{
"created": "2020-03-04T13:59:38.72131564Z",
"created_by": "/bin/sh -c #(nop) COPY file:a9ce963551c165ec55bb4d982d96336caa97e8c70011eb4ca58927956bd08e2a in /run.sh "
},
{
"created": "2020-03-04T13:59:38.844116271Z",
"created_by": "/bin/sh -c #(nop) EXPOSE 80",
"empty_layer": true
},
{
"created": "2020-03-04T13:59:38.99446051Z",
"created_by": "/bin/sh -c #(nop) ENV LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2",
"empty_layer": true
},
{
"created": "2020-03-04T13:59:39.161374106Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/run.sh\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:831c5620387fb9efec59fc82a42b948546c6be601e3ab34a87108ecf852aa15f",
"sha256:02874b2b269dea8dde0f7edb4c9906904dfe38a09de1a214f20c650cfb15c60e",
"sha256:3752e1f6fd759c795c13aff2c93c081529366e27635ba6621e849b0f9cfc77f0",
"sha256:75e43d55939745950bc3f8fad56c5834617c4339f0f54755e69a0dd5372624e9",
"sha256:788c00e2cfc8f2a018ae4344ccf0b2c226ebd756d7effd1ce50eea1a4252cd89",
"sha256:25165eb51d15842f870f97873e0a58409d5e860e6108e3dd829bd10e484c0065"
]
},
"config": {
"Cmd": [
"/run.sh"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2"
],
"Image": "sha256:2a538358cddc4824e9eff1531e0c63ae5e3cda85d2984c647df9b1c816b9b86b",
"ExposedPorts": {
"80/tcp": {}
}
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/fluentd-multiple-lockfiles.tar.gz (debian 10.2)",
"Class": "os-pkgs",
@@ -221,4 +322,5 @@
}
]
}
]
]
}

21
integration/testdata/nodejs.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/nodejs",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "package-lock.json",
"Class": "lang-pkgs",
@@ -224,4 +240,5 @@
}
]
}
]
]
}

61
integration/testdata/opensuse-leap-151.json.golden vendored
View File

@@ -1,4 +1,60 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/opensuse-leap-151.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "opensuse.leap",
"Name": "15.1",
"EOSL": true
},
"ImageID": "sha256:fef5ad254f6378f08071cfa2daaf05a1ce9857141c944b67a40742e63e65cecc",
"DiffIDs": [
"sha256:f7f9ae80878a1c56d8f9ca977a5d844168f7afc0c1429feef9366e713eac06ff"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Fabian Vogt \u003cfvogt@suse.com\u003e",
"created": "2019-11-05T15:54:41Z",
"history": [
{
"created": "2019-11-05T15:54:41Z",
"created_by": "KIWI 9.17.16"
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f7f9ae80878a1c56d8f9ca977a5d844168f7afc0c1429feef9366e713eac06ff"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Labels": {
"org.openbuildservice.disturl": "obs://build.opensuse.org/openSUSE:Leap:15.1:Images/images/740264e3294afe7ca32a3ea9deb863d2-opensuse-leap-image:docker",
"org.opencontainers.image.created": "2019-11-05T15:54:10.571514200Z",
"org.opencontainers.image.description": "Image containing a minimal environment for containers based on openSUSE Leap 15.1.",
"org.opencontainers.image.title": "openSUSE Leap 15.1 Base Container",
"org.opencontainers.image.url": "https://www.opensuse.org/",
"org.opencontainers.image.vendor": "openSUSE Project",
"org.opencontainers.image.version": "15.1.3.67",
"org.opensuse.base.created": "2019-11-05T15:54:10.571514200Z",
"org.opensuse.base.description": "Image containing a minimal environment for containers based on openSUSE Leap 15.1.",
"org.opensuse.base.disturl": "obs://build.opensuse.org/openSUSE:Leap:15.1:Images/images/740264e3294afe7ca32a3ea9deb863d2-opensuse-leap-image:docker",
"org.opensuse.base.reference": "registry.opensuse.org/opensuse/leap:15.1.3.67",
"org.opensuse.base.title": "openSUSE Leap 15.1 Base Container",
"org.opensuse.base.url": "https://www.opensuse.org/",
"org.opensuse.base.vendor": "openSUSE Project",
"org.opensuse.base.version": "15.1.3.67",
"org.opensuse.reference": "registry.opensuse.org/opensuse/leap:15.1.3.67"
}
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/opensuse-leap-151.tar.gz (opensuse.leap 15.1)",
"Class": "os-pkgs",
@@ -294,4 +350,5 @@
}
]
}
]
]
}

52
integration/testdata/opensuse-leap-423.json.golden vendored
View File

@@ -1,7 +1,55 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/opensuse-leap-423.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "opensuse.leap",
"Name": "42.3",
"EOSL": true
},
"ImageID": "sha256:8e098189cc8dcb9cf52438dded1403b802a5822acb22e44db027705a146fef7a",
"DiffIDs": [
"sha256:55e4cf12579297bd6b98a41e0f22e56241508b5f697dcc43ab9a3d7c546acb3c"
],
"ImageConfig": {
"architecture": "amd64",
"author": "SUSE Containers Team \u003ccontainers@suse.com\u003e",
"created": "2019-08-13T08:49:10Z",
"history": [
{
"created": "2019-08-13T08:48:40.372298552Z",
"created_by": "umoci config"
},
{
"author": "SUSE Containers Team \u003ccontainers@suse.com\u003e",
"created": "2019-08-13T08:49:10.375196393Z",
"created_by": "umoci config",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:55e4cf12579297bd6b98a41e0f22e56241508b5f697dcc43ab9a3d7c546acb3c"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Labels": {
"org.openbuildservice.disturl": "'obs://build.opensuse.org/Virtualization:containers:images:openSUSE-Leap-42.3/containers/e855437d458198eb2a8cf9d551fc66c3-openSUSE-Leap-42.3-container-image:docker'"
}
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/opensuse-leap-423.tar.gz (opensuse.leap 42.3)",
"Class": "os-pkgs",
"Type": "opensuse.leap"
}
]
]
}

63
integration/testdata/oraclelinux-6-slim.json.golden vendored
View File

@@ -1,4 +1,62 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/oraclelinux-6-slim.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "oracle",
"Name": "6.10",
"EOSL": true
},
"ImageID": "sha256:0689e911150c66c3f03c9b184239ff5578685f0de9f913e1fbfff71a6bb77461",
"DiffIDs": [
"sha256:a6f189f69066d36aff8efe2602482d28c02de433aef44ee9087b291df7e8fd08"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"container": "8878731dd37dcf400770b7f4b72a1e8e84d21d1cc8c47e4f697e126493cd4d54",
"created": "2019-06-14T22:36:44.570639862Z",
"docker_version": "18.06.1-ce",
"history": [
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2018-08-30T21:49:27.028879762Z",
"created_by": "/bin/sh -c #(nop) MAINTAINER Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"empty_layer": true
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-06-14T22:36:44.306550224Z",
"created_by": "/bin/sh -c #(nop) ADD file:f1e31a7216515c21d38e5af18cbaf6cac772a2f953ac2a9e7772beb29f2652d8 in / "
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-06-14T22:36:44.570639862Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:a6f189f69066d36aff8efe2602482d28c02de433aef44ee9087b291df7e8fd08"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:c68f924be5159077a4d1c5de261fab2f423bffc06e1534a154306d551978a95c",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/oraclelinux-6-slim.tar.gz (oracle 6.10)",
"Class": "os-pkgs",
@@ -501,4 +559,5 @@
}
]
}
]
]
}

62
integration/testdata/oraclelinux-7-slim.json.golden vendored
View File

@@ -1,4 +1,61 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/oraclelinux-7-slim.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "oracle",
"Name": "7.6"
},
"ImageID": "sha256:874477adb545ac1108a0c703bbf15f39cf00eb3a66052363ede44b971d648c29",
"DiffIDs": [
"sha256:4fee40bcfecff11f540de853f7f0dc71efbab8c14ea599452b617e215562e3e2"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"container": "eef695e3d8b370ac9770c6437285ffaeee9197f6a902ed42c970f680c77d8c91",
"created": "2019-08-08T22:29:13.643372657Z",
"docker_version": "18.06.1-ce",
"history": [
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2018-08-30T21:49:27.028879762Z",
"created_by": "/bin/sh -c #(nop) MAINTAINER Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"empty_layer": true
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-08-08T22:29:13.37257495Z",
"created_by": "/bin/sh -c #(nop) ADD file:ec6faaeaeb57818c0cdf4a109896315eb8c8d30a8d0a3fddce47d0479ec28fcf in / "
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-08-08T22:29:13.643372657Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:4fee40bcfecff11f540de853f7f0dc71efbab8c14ea599452b617e215562e3e2"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:9397663bff18e4294dec723411c402b55445d41c076040d050aaaaf1ac130313",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/oraclelinux-7-slim.tar.gz (oracle 7.6)",
"Class": "os-pkgs",
@@ -2710,4 +2767,5 @@
}
]
}
]
]
}

62
integration/testdata/oraclelinux-8-slim.json.golden vendored
View File

@@ -1,4 +1,61 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/oraclelinux-8-slim.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "oracle",
"Name": "8.0"
},
"ImageID": "sha256:73f821d86dfb84de2f3371288b1c28ff9f78913f7f61bf60eb652fafab548ea3",
"DiffIDs": [
"sha256:e3196b7450602f5547c52d197255dfa96a006ea9c52c19bf3ba2d5412a4b161e"
],
"ImageConfig": {
"architecture": "amd64",
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"container": "c00a901742ec3d7be814b0a90a11eb41c332c8ed5c9f49035af0e97c2a4b1114",
"created": "2019-10-15T21:23:40.950042801Z",
"docker_version": "18.06.1-ce",
"history": [
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2018-08-30T21:49:27.028879762Z",
"created_by": "/bin/sh -c #(nop) MAINTAINER Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"empty_layer": true
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-10-15T21:23:40.753460369Z",
"created_by": "/bin/sh -c #(nop) ADD file:4d6968487994b1c559af3fbb14644e32f15bf8c154b4db9209d05b434f691776 in / "
},
{
"author": "Oracle Linux Product Team \u003col-ovm-info_ww@oracle.com\u003e",
"created": "2019-10-15T21:23:40.950042801Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:e3196b7450602f5547c52d197255dfa96a006ea9c52c19bf3ba2d5412a4b161e"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:966f5e6fbcc4915f120935883ccc882ae0271e00917a2955cae3cca10fc899b9",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/oraclelinux-8-slim.tar.gz (oracle 8.0)",
"Class": "os-pkgs",
@@ -1723,4 +1780,5 @@
}
]
}
]
]
}

63
integration/testdata/photon-10.json.golden vendored
View File

@@ -1,4 +1,62 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/photon-10.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "photon",
"Name": "1.0"
},
"ImageID": "sha256:91bae7d50a3697560a26c74d1ea2c89f93994d6cc820b0c45930b889ec8205e2",
"DiffIDs": [
"sha256:9740df1ac227d21600b22524f869c9bec2d8c13446d1c8579a6195b6d855ae2b"
],
"ImageConfig": {
"architecture": "amd64",
"container": "19c0561fb4fdbf192cf1c53382ed623d9df34ef12f3d6fceebc094a14cf0fbb3",
"created": "2019-08-23T22:27:03.861643679Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-23T22:27:03.414237479Z",
"created_by": "/bin/sh -c #(nop) ADD file:f328b305cd347d88e1f2f11847075e42c746b557c465a93d468d7c20a9fdafa8 in / "
},
{
"created": "2019-08-23T22:27:03.705737675Z",
"created_by": "/bin/sh -c #(nop) LABEL name=Photon OS 1.0 Base Image vendor=VMware build-date=20190823",
"empty_layer": true
},
{
"created": "2019-08-23T22:27:03.861643679Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:9740df1ac227d21600b22524f869c9bec2d8c13446d1c8579a6195b6d855ae2b"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:dfa479c1cd7faef668c299b52fbc775f4df904a392ccbc0d374bf52e4fa2e5be",
"Labels": {
"build-date": "20190823",
"name": "Photon OS 1.0 Base Image",
"vendor": "VMware"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/photon-10.tar.gz (photon 1.0)",
"Class": "os-pkgs",
@@ -764,4 +822,5 @@
}
]
}
]
]
}

63
integration/testdata/photon-20.json.golden vendored
View File

@@ -1,4 +1,62 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/photon-20.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "photon",
"Name": "2.0"
},
"ImageID": "sha256:15bd3cb464a2746dfbb6c942022c7c666c349c0579ecc39bf7b7abae40bc18b7",
"DiffIDs": [
"sha256:41cdb0d109d6a7cf33d6a439c3d6e586d7dba0be84606066693ea4573a4a9b66"
],
"ImageConfig": {
"architecture": "amd64",
"container": "fb859bb7c6f1a32b3c75be0d746f4c9fa2ad7c3072c903e90d220261a7abf240",
"created": "2019-07-27T00:22:18.482655014Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-07-27T00:22:18.156548541Z",
"created_by": "/bin/sh -c #(nop) ADD file:ac5bd1051be53ef75116a4924e67f767ca29def6fb6b15405715f4b4ad3e039d in / "
},
{
"created": "2019-07-27T00:22:18.307713726Z",
"created_by": "/bin/sh -c #(nop) LABEL name=Photon OS 2.0 Base Image vendor=VMware build-date=20190726",
"empty_layer": true
},
{
"created": "2019-07-27T00:22:18.482655014Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:41cdb0d109d6a7cf33d6a439c3d6e586d7dba0be84606066693ea4573a4a9b66"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:f1ee8270ca15b34f868cc35b469cc95f83e712d5f5bf8b46d108928acf3aa05b",
"Labels": {
"build-date": "20190726",
"name": "Photon OS 2.0 Base Image",
"vendor": "VMware"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/photon-20.tar.gz (photon 2.0)",
"Class": "os-pkgs",
@@ -1093,4 +1151,5 @@
}
]
}
]
]
}

63
integration/testdata/photon-30.json.golden vendored
View File

@@ -1,4 +1,62 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/photon-30.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "photon",
"Name": "3.0"
},
"ImageID": "sha256:5ccb5186b75cd13ff0d028f5b5b2bdf7ef7ca2b3d56eb2c6eb6c136077a6991a",
"DiffIDs": [
"sha256:0f379947a276b7b051643960392fa66c2f0cb493bc1dcd471abb5545005949fd"
],
"ImageConfig": {
"architecture": "amd64",
"container": "ed27e7f1fbd8ef9d3ea89947f682907e9a65a8e51bbe2e0eba60db6e69213848",
"created": "2019-08-23T22:26:32.857588774Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-23T22:26:32.53400229Z",
"created_by": "/bin/sh -c #(nop) ADD file:0d19c0b1adc18a00f073eeb1a9d6e5e4fdde392b20a3229ec0ef88642549b2df in / "
},
{
"created": "2019-08-23T22:26:32.689364313Z",
"created_by": "/bin/sh -c #(nop) LABEL name=Photon OS x86_64/3.0 Base Image vendor=VMware build-date=20190823",
"empty_layer": true
},
{
"created": "2019-08-23T22:26:32.857588774Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:0f379947a276b7b051643960392fa66c2f0cb493bc1dcd471abb5545005949fd"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:e7cbb54381cebcd7eea8e391127352224e1d8268fd14bfa5c7dd53e507299f60",
"Labels": {
"build-date": "20190823",
"name": "Photon OS x86_64/3.0 Base Image",
"vendor": "VMware"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/photon-30.tar.gz (photon 3.0)",
"Class": "os-pkgs",
@@ -646,4 +704,5 @@
}
]
}
]
]
}

21
integration/testdata/pip.json.golden vendored
View File

@@ -1,4 +1,20 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/pip",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "requirements.txt",
"Class": "lang-pkgs",
@@ -118,4 +134,5 @@
}
]
}
]
]
}

76
integration/testdata/ubi-7.json.golden vendored
View File

@@ -1,4 +1,75 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/ubi-7.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "redhat",
"Name": "7.7"
},
"ImageID": "sha256:6fecccc91c83e11ae4fede6793e9410841221d4779520c2b9e9fb7f7b3830264",
"DiffIDs": [
"sha256:4468e6d912c76d5b127f3554c3cd83b7dc07cce6107c6b916299ba76fa7d15ac",
"sha256:ecb0311889b3478bc9b62660fa9391d5ebf8da4c6ae143cb33434873668f9e36"
],
"ImageConfig": {
"architecture": "amd64",
"created": "2019-09-02T12:56:43.939095Z",
"docker_version": "1.13.1",
"history": [
{
"created": "2019-09-02T12:56:36.440695936Z",
"comment": "Imported from -"
},
{
"created": "2019-09-02T12:56:43.939095Z"
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:4468e6d912c76d5b127f3554c3cd83b7dc07cce6107c6b916299ba76fa7d15ac",
"sha256:ecb0311889b3478bc9b62660fa9391d5ebf8da4c6ae143cb33434873668f9e36"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"container=oci"
],
"Hostname": "0da2e3774382",
"Image": "2e9103a7b91a7ffe333e9162ce98ea078263747527571655e93bd4d35ee278f0",
"Labels": {
"architecture": "x86_64",
"authoritative-source-url": "registry.access.redhat.com",
"build-date": "2019-09-02T12:56:18.824770",
"com.redhat.build-host": "cpt-1005.osbs.prod.upshift.rdu2.redhat.com",
"com.redhat.component": "ubi7-container",
"com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI",
"description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
"distribution-scope": "public",
"io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.",
"io.k8s.display-name": "Red Hat Universal Base Image 7",
"io.openshift.tags": "base rhel7",
"maintainer": "Red Hat, Inc.",
"name": "ubi7",
"release": "140",
"summary": "Provides the latest release of the Red Hat Universal Base Image 7.",
"url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi7/images/7.7-140",
"vcs-ref": "4c80c8aa26e69950ab11b87789c8fb7665b1632d",
"vcs-type": "git",
"vendor": "Red Hat, Inc.",
"version": "7.7"
},
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/ubi-7.tar.gz (redhat 7.7)",
"Class": "os-pkgs",
@@ -25604,4 +25675,5 @@
}
]
}
]
]
}

71
integration/testdata/ubuntu-1604.json.golden vendored
View File

@@ -1,4 +1,70 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/ubuntu-1604.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "ubuntu",
"Name": "16.04"
},
"ImageID": "sha256:5e13f8dd4c1a20dbe677261cc73171093d502f8edd1da8bec47416cdc20323c6",
"DiffIDs": [
"sha256:f749b9b0fb213e9897417a985aaa9753d41bff474e1d0c0d1d266c4512eaf031",
"sha256:2558e637fbff95178cb4b43e0ca5f20a04ddeaf9673053bfa4dc10c72833d15a",
"sha256:aeda103e78c90b573700d64f6660efda378b59fe3e636ebfa28a0a105e2e2168",
"sha256:e79142719515e5304607fdd9adeb31db96b7acf00cabadac2678b056ed83bca6"
],
"ImageConfig": {
"architecture": "amd64",
"container": "dd31e0e0382f230149544dd4c1a4a02e50824aa0c02ce981087b3f08794cb3a2",
"created": "2019-07-23T15:22:34.054269174Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-07-23T15:22:31.648568069Z",
"created_by": "/bin/sh -c #(nop) ADD file:603693e48cdc7f0c5c62119923aadbb266e5df5a5002fc0f61295858f91690e8 in / "
},
{
"created": "2019-07-23T15:22:32.444207677Z",
"created_by": "/bin/sh -c rm -rf /var/lib/apt/lists/*"
},
{
"created": "2019-07-23T15:22:33.179492618Z",
"created_by": "/bin/sh -c set -xe \t\t\u0026\u0026 echo '#!/bin/sh' \u003e /usr/sbin/policy-rc.d \t\u0026\u0026 echo 'exit 101' \u003e\u003e /usr/sbin/policy-rc.d \t\u0026\u0026 chmod +x /usr/sbin/policy-rc.d \t\t\u0026\u0026 dpkg-divert --local --rename --add /sbin/initctl \t\u0026\u0026 cp -a /usr/sbin/policy-rc.d /sbin/initctl \t\u0026\u0026 sed -i 's/^exit.*/exit 0/' /sbin/initctl \t\t\u0026\u0026 echo 'force-unsafe-io' \u003e /etc/dpkg/dpkg.cfg.d/docker-apt-speedup \t\t\u0026\u0026 echo 'DPkg::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'APT::Update::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'Dir::Cache::pkgcache \"\"; Dir::Cache::srcpkgcache \"\";' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\t\u0026\u0026 echo 'Acquire::Languages \"none\";' \u003e /etc/apt/apt.conf.d/docker-no-languages \t\t\u0026\u0026 echo 'Acquire::GzipIndexes \"true\"; Acquire::CompressionTypes::Order:: \"gz\";' \u003e /etc/apt/apt.conf.d/docker-gzip-indexes \t\t\u0026\u0026 echo 'Apt::AutoRemove::SuggestsImportant \"false\";' \u003e /etc/apt/apt.conf.d/docker-autoremove-suggests"
},
{
"created": "2019-07-23T15:22:33.883423097Z",
"created_by": "/bin/sh -c mkdir -p /run/systemd \u0026\u0026 echo 'docker' \u003e /run/systemd/container"
},
{
"created": "2019-07-23T15:22:34.054269174Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f749b9b0fb213e9897417a985aaa9753d41bff474e1d0c0d1d266c4512eaf031",
"sha256:2558e637fbff95178cb4b43e0ca5f20a04ddeaf9673053bfa4dc10c72833d15a",
"sha256:aeda103e78c90b573700d64f6660efda378b59fe3e636ebfa28a0a105e2e2168",
"sha256:e79142719515e5304607fdd9adeb31db96b7acf00cabadac2678b056ed83bca6"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:94a0c867edd7edc17a6d2736356509c9b6ce5ed6fc19544fe63dadd6ab576a40",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/ubuntu-1604.tar.gz (ubuntu 16.04)",
"Class": "os-pkgs",
@@ -6922,4 +6988,5 @@
}
]
}
]
]
}

71
integration/testdata/ubuntu-1804-ignore-unfixed.json.golden vendored
View File

@@ -1,4 +1,70 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/ubuntu-1804.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "ubuntu",
"Name": "18.04"
},
"ImageID": "sha256:a2a15febcdf362f6115e801d37b5e60d6faaeedcb9896155e5fe9d754025be12",
"DiffIDs": [
"sha256:6cebf3abed5fac58d2e792ce8461454e92c245d5312c42118f02e231a73b317f",
"sha256:f7eae43028b334123c3a1d778f7bdf9783bbe651c8b15371df0120fd13ec35c5",
"sha256:7beb13bce073c21c9ee608acb13c7e851845245dc76ce81b418fdf580c45076b",
"sha256:122be11ab4a29e554786b4a1ec4764dd55656b59d6228a0a3de78eaf5c1f226c"
],
"ImageConfig": {
"architecture": "amd64",
"container": "41b694b9b42f9c5ef7fb40c24272927a727a6d6cb8120bb3eae5849ceb9bee77",
"created": "2019-08-15T07:28:14.830150536Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-15T07:28:12.433344678Z",
"created_by": "/bin/sh -c #(nop) ADD file:c477cb0e95c56b51e0b7353f3805165393689902b82a41bbe77dbef4b31667e1 in / "
},
{
"created": "2019-08-15T07:28:13.20852008Z",
"created_by": "/bin/sh -c [ -z \"$(apt-get indextargets)\" ]"
},
{
"created": "2019-08-15T07:28:13.964607567Z",
"created_by": "/bin/sh -c set -xe \t\t\u0026\u0026 echo '#!/bin/sh' \u003e /usr/sbin/policy-rc.d \t\u0026\u0026 echo 'exit 101' \u003e\u003e /usr/sbin/policy-rc.d \t\u0026\u0026 chmod +x /usr/sbin/policy-rc.d \t\t\u0026\u0026 dpkg-divert --local --rename --add /sbin/initctl \t\u0026\u0026 cp -a /usr/sbin/policy-rc.d /sbin/initctl \t\u0026\u0026 sed -i 's/^exit.*/exit 0/' /sbin/initctl \t\t\u0026\u0026 echo 'force-unsafe-io' \u003e /etc/dpkg/dpkg.cfg.d/docker-apt-speedup \t\t\u0026\u0026 echo 'DPkg::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'APT::Update::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'Dir::Cache::pkgcache \"\"; Dir::Cache::srcpkgcache \"\";' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\t\u0026\u0026 echo 'Acquire::Languages \"none\";' \u003e /etc/apt/apt.conf.d/docker-no-languages \t\t\u0026\u0026 echo 'Acquire::GzipIndexes \"true\"; Acquire::CompressionTypes::Order:: \"gz\";' \u003e /etc/apt/apt.conf.d/docker-gzip-indexes \t\t\u0026\u0026 echo 'Apt::AutoRemove::SuggestsImportant \"false\";' \u003e /etc/apt/apt.conf.d/docker-autoremove-suggests"
},
{
"created": "2019-08-15T07:28:14.64282638Z",
"created_by": "/bin/sh -c mkdir -p /run/systemd \u0026\u0026 echo 'docker' \u003e /run/systemd/container"
},
{
"created": "2019-08-15T07:28:14.830150536Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:6cebf3abed5fac58d2e792ce8461454e92c245d5312c42118f02e231a73b317f",
"sha256:f7eae43028b334123c3a1d778f7bdf9783bbe651c8b15371df0120fd13ec35c5",
"sha256:7beb13bce073c21c9ee608acb13c7e851845245dc76ce81b418fdf580c45076b",
"sha256:122be11ab4a29e554786b4a1ec4764dd55656b59d6228a0a3de78eaf5c1f226c"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:bcbe079849fdbb50b3eb04798547e046bdbc82020b8b780d767cf29f7e60b396",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/ubuntu-1804.tar.gz (ubuntu 18.04)",
"Class": "os-pkgs",
@@ -828,4 +894,5 @@
}
]
}
]
]
}

71
integration/testdata/ubuntu-1804.json.golden vendored
View File

@@ -1,4 +1,70 @@
[
{
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/images/ubuntu-1804.tar.gz",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "ubuntu",
"Name": "18.04"
},
"ImageID": "sha256:a2a15febcdf362f6115e801d37b5e60d6faaeedcb9896155e5fe9d754025be12",
"DiffIDs": [
"sha256:6cebf3abed5fac58d2e792ce8461454e92c245d5312c42118f02e231a73b317f",
"sha256:f7eae43028b334123c3a1d778f7bdf9783bbe651c8b15371df0120fd13ec35c5",
"sha256:7beb13bce073c21c9ee608acb13c7e851845245dc76ce81b418fdf580c45076b",
"sha256:122be11ab4a29e554786b4a1ec4764dd55656b59d6228a0a3de78eaf5c1f226c"
],
"ImageConfig": {
"architecture": "amd64",
"container": "41b694b9b42f9c5ef7fb40c24272927a727a6d6cb8120bb3eae5849ceb9bee77",
"created": "2019-08-15T07:28:14.830150536Z",
"docker_version": "18.06.1-ce",
"history": [
{
"created": "2019-08-15T07:28:12.433344678Z",
"created_by": "/bin/sh -c #(nop) ADD file:c477cb0e95c56b51e0b7353f3805165393689902b82a41bbe77dbef4b31667e1 in / "
},
{
"created": "2019-08-15T07:28:13.20852008Z",
"created_by": "/bin/sh -c [ -z \"$(apt-get indextargets)\" ]"
},
{
"created": "2019-08-15T07:28:13.964607567Z",
"created_by": "/bin/sh -c set -xe \t\t\u0026\u0026 echo '#!/bin/sh' \u003e /usr/sbin/policy-rc.d \t\u0026\u0026 echo 'exit 101' \u003e\u003e /usr/sbin/policy-rc.d \t\u0026\u0026 chmod +x /usr/sbin/policy-rc.d \t\t\u0026\u0026 dpkg-divert --local --rename --add /sbin/initctl \t\u0026\u0026 cp -a /usr/sbin/policy-rc.d /sbin/initctl \t\u0026\u0026 sed -i 's/^exit.*/exit 0/' /sbin/initctl \t\t\u0026\u0026 echo 'force-unsafe-io' \u003e /etc/dpkg/dpkg.cfg.d/docker-apt-speedup \t\t\u0026\u0026 echo 'DPkg::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'APT::Update::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'Dir::Cache::pkgcache \"\"; Dir::Cache::srcpkgcache \"\";' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\t\u0026\u0026 echo 'Acquire::Languages \"none\";' \u003e /etc/apt/apt.conf.d/docker-no-languages \t\t\u0026\u0026 echo 'Acquire::GzipIndexes \"true\"; Acquire::CompressionTypes::Order:: \"gz\";' \u003e /etc/apt/apt.conf.d/docker-gzip-indexes \t\t\u0026\u0026 echo 'Apt::AutoRemove::SuggestsImportant \"false\";' \u003e /etc/apt/apt.conf.d/docker-autoremove-suggests"
},
{
"created": "2019-08-15T07:28:14.64282638Z",
"created_by": "/bin/sh -c mkdir -p /run/systemd \u0026\u0026 echo 'docker' \u003e /run/systemd/container"
},
{
"created": "2019-08-15T07:28:14.830150536Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:6cebf3abed5fac58d2e792ce8461454e92c245d5312c42118f02e231a73b317f",
"sha256:f7eae43028b334123c3a1d778f7bdf9783bbe651c8b15371df0120fd13ec35c5",
"sha256:7beb13bce073c21c9ee608acb13c7e851845245dc76ce81b418fdf580c45076b",
"sha256:122be11ab4a29e554786b4a1ec4764dd55656b59d6228a0a3de78eaf5c1f226c"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Image": "sha256:bcbe079849fdbb50b3eb04798547e046bdbc82020b8b780d767cf29f7e60b396",
"ArgsEscaped": true
}
}
},
"Results": [
{
"Target": "testdata/fixtures/images/ubuntu-1804.tar.gz (ubuntu 18.04)",
"Class": "os-pkgs",
@@ -3118,4 +3184,5 @@
}
]
}
]
]
}

13
pkg/report/json.go
View File

@@ -4,11 +4,8 @@ import (
"encoding/json"
"fmt"
"io"
"os"
"golang.org/x/xerrors"
"github.com/aquasecurity/trivy/pkg/log"
)
// JSONWriter implements result Writer
@@ -18,15 +15,7 @@ type JSONWriter struct {
// Write writes the results in JSON format
func (jw JSONWriter) Write(report Report) error {
var v interface{} = report
if os.Getenv("TRIVY_NEW_JSON_SCHEMA") == "" {
// After migrating to the new JSON schema, TRIVY_NEW_JSON_SCHEMA will be removed.
log.Logger.Warnf("DEPRECATED: the current JSON schema is deprecated, check %s for more information.",
"https://github.com/aquasecurity/trivy/discussions/1050")
v = report.Results
}
output, err := json.MarshalIndent(v, "", " ")
output, err := json.MarshalIndent(report, "", " ")
if err != nil {
return xerrors.Errorf("failed to marshal json: %w", err)
}

18
pkg/report/json_test.go
View File

@@ -16,7 +16,7 @@ func TestReportWriter_JSON(t *testing.T) {
testCases := []struct {
name string
detectedVulns []types.DetectedVulnerability
expectedJSON report.Results
want report.Report
}{
{
name: "happy path",
@@ -34,7 +34,10 @@ func TestReportWriter_JSON(t *testing.T) {
},
},
},
expectedJSON: report.Results{
want: report.Report{
SchemaVersion: 2,
ArtifactName: "alpine:3.14",
Results: report.Results{
report.Result{
Target: "foojson",
Vulnerabilities: []types.DetectedVulnerability{
@@ -54,6 +57,7 @@ func TestReportWriter_JSON(t *testing.T) {
},
},
},
},
}
for _, tc := range testCases {
@@ -63,6 +67,8 @@ func TestReportWriter_JSON(t *testing.T) {
jw.Output = &jsonWritten
inputResults := report.Report{
SchemaVersion: 2,
ArtifactName: "alpine:3.14",
Results: report.Results{
{
Target: "foojson",
@@ -77,11 +83,11 @@ func TestReportWriter_JSON(t *testing.T) {
})
assert.NoError(t, err)
writtenResults := report.Results{}
err = json.Unmarshal([]byte(jsonWritten.String()), &writtenResults)
assert.NoError(t, err, "invalid json written", tc.name)
var got report.Report
err = json.Unmarshal(jsonWritten.Bytes(), &got)
assert.NoError(t, err, "invalid json written")
assert.Equal(t, tc.expectedJSON, writtenResults, tc.name)
assert.Equal(t, tc.want, got, tc.name)
})
}
}

12
pkg/rpc/convert.go
View File

@@ -372,6 +372,7 @@ func ConvertToRPCOS(fos *ftypes.OS) *common.OS {
return &common.OS{
Family: fos.Family,
Name: fos.Name,
Eosl: fos.Eosl,
}
}
@@ -476,14 +477,7 @@ func ConvertToMissingBlobsRequest(imageID string, layerIDs []string) *cache.Miss
}
// ConvertToRPCScanResponse converts report.Result to ScanResponse
func ConvertToRPCScanResponse(results report.Results, os *ftypes.OS) *scanner.ScanResponse {
rpcOS := &common.OS{}
if os != nil {
rpcOS.Family = os.Family
rpcOS.Name = os.Name
rpcOS.Eosl = os.Eosl
}
func ConvertToRPCScanResponse(results report.Results, fos *ftypes.OS) *scanner.ScanResponse {
var rpcResults []*scanner.Result
for _, result := range results {
rpcResults = append(rpcResults, &scanner.Result{
@@ -497,7 +491,7 @@ func ConvertToRPCScanResponse(results report.Results, os *ftypes.OS) *scanner.Sc
}
return &scanner.ScanResponse{
Os: rpcOS,
Os: ConvertToRPCOS(fos),
Results: rpcResults,
}
}