diff --git a/docs/docs/supply-chain/attestation/vuln.md b/docs/docs/supply-chain/attestation/vuln.md index e0f78a541a..c17164f0f3 100644 --- a/docs/docs/supply-chain/attestation/vuln.md +++ b/docs/docs/supply-chain/attestation/vuln.md @@ -30,6 +30,7 @@ $ trivy image --format cosign-vuln --output vuln.json alpine:3.10 }, "result": { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "alpine:3.10", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/client_server_test.go b/integration/client_server_test.go index eadd893cc8..6a85ca0b50 100644 --- a/integration/client_server_test.go +++ b/integration/client_server_test.go @@ -354,7 +354,7 @@ func TestClientServerWithFormat(t *testing.T) { }, } - fakeTime := time.Date(2020, 8, 10, 7, 28, 17, 958601, time.UTC) + fakeTime := time.Date(2021, 8, 25, 12, 20, 30, 5, time.UTC) clock.SetFakeTime(t, fakeTime) report.CustomTemplateFuncMap = map[string]interface{}{ @@ -419,7 +419,7 @@ func TestClientServerWithCycloneDX(t *testing.T) { addr, cacheDir := setup(t, setupOptions{}) for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - clock.SetFakeTime(t, time.Date(2020, 9, 10, 14, 20, 30, 5, time.UTC)) + clock.SetFakeTime(t, time.Date(2021, 8, 25, 12, 20, 30, 5, time.UTC)) uuid.SetFakeUUID(t, "3ff14136-e09f-4df9-80ea-%012d") osArgs, outputFile := setupClient(t, tt.args, addr, cacheDir, tt.golden) diff --git a/integration/integration_test.go b/integration/integration_test.go index 8f4ca3bc3d..67dc9aeb49 100644 --- a/integration/integration_test.go +++ b/integration/integration_test.go @@ -27,6 +27,7 @@ import ( "github.com/aquasecurity/trivy-db/pkg/db" "github.com/aquasecurity/trivy-db/pkg/metadata" + "github.com/aquasecurity/trivy/pkg/clock" "github.com/aquasecurity/trivy/pkg/commands" "github.com/aquasecurity/trivy/pkg/dbtest" "github.com/aquasecurity/trivy/pkg/types" @@ -43,6 +44,8 @@ func initDB(t *testing.T) string { entries, err := os.ReadDir(fixtureDir) require.NoError(t, err) + clock.SetFakeTime(t, time.Date(2021, 8, 25, 12, 20, 30, 5, time.UTC)) + var fixtures []string for _, entry := range entries { if entry.IsDir() { diff --git a/integration/repo_test.go b/integration/repo_test.go index 03dac4293c..e917288a03 100644 --- a/integration/repo_test.go +++ b/integration/repo_test.go @@ -480,7 +480,7 @@ func TestRepository(t *testing.T) { osArgs = append(osArgs, "--output", outputFile) osArgs = append(osArgs, tt.args.input) - clock.SetFakeTime(t, time.Date(2020, 9, 10, 14, 20, 30, 5, time.UTC)) + clock.SetFakeTime(t, time.Date(2021, 8, 25, 12, 20, 30, 5, time.UTC)) uuid.SetFakeUUID(t, "3ff14136-e09f-4df9-80ea-%012d") // Run "trivy repo" diff --git a/integration/testdata/almalinux-8.json.golden b/integration/testdata/almalinux-8.json.golden index 960de90952..b0c63578f3 100644 --- a/integration/testdata/almalinux-8.json.golden +++ b/integration/testdata/almalinux-8.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/almalinux-8.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-310-registry.json.golden b/integration/testdata/alpine-310-registry.json.golden index eb9c6fbfd7..7ceeca40e6 100644 --- a/integration/testdata/alpine-310-registry.json.golden +++ b/integration/testdata/alpine-310-registry.json.golden @@ -1,6 +1,7 @@ { "SchemaVersion": 2, - "ArtifactName": "localhost:55844/alpine:3.10", + "CreatedAt": 1629894030, + "ArtifactName": "localhost:53869/alpine:3.10", "ArtifactType": "container_image", "Metadata": { "OS": { @@ -13,10 +14,10 @@ "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0" ], "RepoTags": [ - "localhost:55844/alpine:3.10" + "localhost:53869/alpine:3.10" ], "RepoDigests": [ - "localhost:55844/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" + "localhost:53869/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60" ], "ImageConfig": { "architecture": "amd64", @@ -55,7 +56,7 @@ }, "Results": [ { - "Target": "localhost:55844/alpine:3.10 (alpine 3.10.2)", + "Target": "localhost:53869/alpine:3.10 (alpine 3.10.2)", "Class": "os-pkgs", "Type": "alpine", "Vulnerabilities": [ diff --git a/integration/testdata/alpine-310.asff.golden b/integration/testdata/alpine-310.asff.golden index 2f8e1a7489..6164ba5f11 100644 --- a/integration/testdata/alpine-310.asff.golden +++ b/integration/testdata/alpine-310.asff.golden @@ -7,8 +7,8 @@ "GeneratorId": "Trivy/CVE-2019-1549", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "MEDIUM" }, @@ -52,8 +52,8 @@ "GeneratorId": "Trivy/CVE-2019-1551", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "MEDIUM" }, @@ -97,8 +97,8 @@ "GeneratorId": "Trivy/CVE-2019-1549", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "MEDIUM" }, @@ -142,8 +142,8 @@ "GeneratorId": "Trivy/CVE-2019-1551", "AwsAccountId": "123456789012", "Types": [ "Software and Configuration Checks/Vulnerabilities/CVE" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "MEDIUM" }, diff --git a/integration/testdata/alpine-310.gsbom.golden b/integration/testdata/alpine-310.gsbom.golden index d4808b108a..006efffebf 100644 --- a/integration/testdata/alpine-310.gsbom.golden +++ b/integration/testdata/alpine-310.gsbom.golden @@ -11,7 +11,7 @@ "correlator": "workflow-name_integration", "id": "1910764383" }, - "scanned": "2020-08-10T07:28:17Z", + "scanned": "2021-08-25T12:20:30Z", "manifests": { "testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2)": { "name": "alpine", diff --git a/integration/testdata/alpine-310.html.golden b/integration/testdata/alpine-310.html.golden index 0b369b3d94..83840bd015 100644 --- a/integration/testdata/alpine-310.html.golden +++ b/integration/testdata/alpine-310.html.golden @@ -51,7 +51,7 @@ } a.toggle-more-links { cursor: pointer; } - testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2) - Trivy Report - 2020-08-10 07:28:17.000958601 +0000 UTC + testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2) - Trivy Report - 2021-08-25 12:20:30.000000005 +0000 UTC -

testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2) - Trivy Report - 2020-08-10 07:28:17.000958601 +0000 UTC

+

testdata/fixtures/images/alpine-310.tar.gz (alpine 3.10.2) - Trivy Report - 2021-08-25 12:20:30.000000005 +0000 UTC

diff --git a/integration/testdata/alpine-310.json.golden b/integration/testdata/alpine-310.json.golden index 8cd21b6114..b0d8dcfbf9 100644 --- a/integration/testdata/alpine-310.json.golden +++ b/integration/testdata/alpine-310.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-310.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-39-high-critical.json.golden b/integration/testdata/alpine-39-high-critical.json.golden index 12fe01b079..5fa44cf795 100644 --- a/integration/testdata/alpine-39-high-critical.json.golden +++ b/integration/testdata/alpine-39-high-critical.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-39.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-39-ignore-cveids.json.golden b/integration/testdata/alpine-39-ignore-cveids.json.golden index 9753bdfeba..8402925ba6 100644 --- a/integration/testdata/alpine-39-ignore-cveids.json.golden +++ b/integration/testdata/alpine-39-ignore-cveids.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-39.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-39-skip.json.golden b/integration/testdata/alpine-39-skip.json.golden index c3ad16e80c..6fedc78a89 100644 --- a/integration/testdata/alpine-39-skip.json.golden +++ b/integration/testdata/alpine-39-skip.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-39.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-39.json.golden b/integration/testdata/alpine-39.json.golden index d994c11755..38f23f8a7a 100644 --- a/integration/testdata/alpine-39.json.golden +++ b/integration/testdata/alpine-39.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-39.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/alpine-distroless.json.golden b/integration/testdata/alpine-distroless.json.golden index 23bc687572..2ca81fd332 100644 --- a/integration/testdata/alpine-distroless.json.golden +++ b/integration/testdata/alpine-distroless.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/alpine-distroless.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/amazon-1.json.golden b/integration/testdata/amazon-1.json.golden index 42517cebee..6377d1fc05 100644 --- a/integration/testdata/amazon-1.json.golden +++ b/integration/testdata/amazon-1.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/amazon-1.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/amazon-2.json.golden b/integration/testdata/amazon-2.json.golden index 5c48deeeef..bcf5d075f1 100644 --- a/integration/testdata/amazon-2.json.golden +++ b/integration/testdata/amazon-2.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/amazon-2.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/amazonlinux2-gp2-x86-vm.json.golden b/integration/testdata/amazonlinux2-gp2-x86-vm.json.golden index fe4cc1c099..9571ef6660 100644 --- a/integration/testdata/amazonlinux2-gp2-x86-vm.json.golden +++ b/integration/testdata/amazonlinux2-gp2-x86-vm.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "disk.img", "ArtifactType": "vm", "Metadata": { diff --git a/integration/testdata/busybox-with-lockfile.json.golden b/integration/testdata/busybox-with-lockfile.json.golden index e4477fc3fb..af904c31f3 100644 --- a/integration/testdata/busybox-with-lockfile.json.golden +++ b/integration/testdata/busybox-with-lockfile.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/busybox-with-lockfile.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/centos-6.json.golden b/integration/testdata/centos-6.json.golden index 8d09d3d97f..741e300d03 100644 --- a/integration/testdata/centos-6.json.golden +++ b/integration/testdata/centos-6.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/centos-6.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/centos-7-ignore-unfixed.json.golden b/integration/testdata/centos-7-ignore-unfixed.json.golden index aedf943fab..3c32c19fc7 100644 --- a/integration/testdata/centos-7-ignore-unfixed.json.golden +++ b/integration/testdata/centos-7-ignore-unfixed.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/centos-7.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/centos-7-medium.json.golden b/integration/testdata/centos-7-medium.json.golden index b158a47a51..4fc41b8a01 100644 --- a/integration/testdata/centos-7-medium.json.golden +++ b/integration/testdata/centos-7-medium.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/centos-7.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/centos-7.json.golden b/integration/testdata/centos-7.json.golden index 118d661ea2..26138b9a32 100644 --- a/integration/testdata/centos-7.json.golden +++ b/integration/testdata/centos-7.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/centos-7.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/cocoapods.json.golden b/integration/testdata/cocoapods.json.golden index 14685eac57..a9a1269970 100644 --- a/integration/testdata/cocoapods.json.golden +++ b/integration/testdata/cocoapods.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/cocoapods", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/composer.lock.json.golden b/integration/testdata/composer.lock.json.golden index 0b5947077c..d175123d14 100644 --- a/integration/testdata/composer.lock.json.golden +++ b/integration/testdata/composer.lock.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/composer", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/conan.json.golden b/integration/testdata/conan.json.golden index 4f8be4f3f8..ec7298b120 100644 --- a/integration/testdata/conan.json.golden +++ b/integration/testdata/conan.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/conan", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/conda-cyclonedx.json.golden b/integration/testdata/conda-cyclonedx.json.golden index b143acd7db..e449defa00 100644 --- a/integration/testdata/conda-cyclonedx.json.golden +++ b/integration/testdata/conda-cyclonedx.json.golden @@ -5,7 +5,7 @@ "serialNumber": "urn:uuid:3ff14136-e09f-4df9-80ea-000000000001", "version": 1, "metadata": { - "timestamp": "2020-09-10T14:20:30+00:00", + "timestamp": "2021-08-25T12:20:30+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/integration/testdata/conda-spdx.json.golden b/integration/testdata/conda-spdx.json.golden index 0ddb0febe8..9fc685b4aa 100644 --- a/integration/testdata/conda-spdx.json.golden +++ b/integration/testdata/conda-spdx.json.golden @@ -9,7 +9,7 @@ "Organization: aquasecurity", "Tool: trivy-dev" ], - "created": "2020-09-10T14:20:30Z" + "created": "2021-08-25T12:20:30Z" }, "packages": [ { diff --git a/integration/testdata/debian-buster-ignore-unfixed.json.golden b/integration/testdata/debian-buster-ignore-unfixed.json.golden index 4d31fa33bb..7d8e8418dc 100644 --- a/integration/testdata/debian-buster-ignore-unfixed.json.golden +++ b/integration/testdata/debian-buster-ignore-unfixed.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/debian-buster.json.golden b/integration/testdata/debian-buster.json.golden index 61009d5386..ef99f74559 100644 --- a/integration/testdata/debian-buster.json.golden +++ b/integration/testdata/debian-buster.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/debian-buster.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/debian-stretch.json.golden b/integration/testdata/debian-stretch.json.golden index f70c12fda9..2cec165ac3 100644 --- a/integration/testdata/debian-stretch.json.golden +++ b/integration/testdata/debian-stretch.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/debian-stretch.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/distroless-base.json.golden b/integration/testdata/distroless-base.json.golden index 5e2a989fe0..39aba72910 100644 --- a/integration/testdata/distroless-base.json.golden +++ b/integration/testdata/distroless-base.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/distroless-base.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/distroless-python27.json.golden b/integration/testdata/distroless-python27.json.golden index ec4e865fbb..c5f72aa791 100644 --- a/integration/testdata/distroless-python27.json.golden +++ b/integration/testdata/distroless-python27.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/distroless-python27.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/dockerfile-custom-policies.json.golden b/integration/testdata/dockerfile-custom-policies.json.golden index cbe0229666..aea2e3a5b2 100644 --- a/integration/testdata/dockerfile-custom-policies.json.golden +++ b/integration/testdata/dockerfile-custom-policies.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/custom-policy", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/dockerfile-namespace-exception.json.golden b/integration/testdata/dockerfile-namespace-exception.json.golden index 0f3427d8c2..53e6f93a6d 100644 --- a/integration/testdata/dockerfile-namespace-exception.json.golden +++ b/integration/testdata/dockerfile-namespace-exception.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/namespace-exception", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/dockerfile-rule-exception.json.golden b/integration/testdata/dockerfile-rule-exception.json.golden index 1507a4af95..6d447d9805 100644 --- a/integration/testdata/dockerfile-rule-exception.json.golden +++ b/integration/testdata/dockerfile-rule-exception.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/rule-exception", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/dockerfile.json.golden b/integration/testdata/dockerfile.json.golden index 4dc5cb289f..72ebc7d00a 100644 --- a/integration/testdata/dockerfile.json.golden +++ b/integration/testdata/dockerfile.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/dockerfile", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/dockerfile_file_pattern.json.golden b/integration/testdata/dockerfile_file_pattern.json.golden index c50361b793..fae1f25b28 100644 --- a/integration/testdata/dockerfile_file_pattern.json.golden +++ b/integration/testdata/dockerfile_file_pattern.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/dockerfile_file_pattern", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/dotnet.json.golden b/integration/testdata/dotnet.json.golden index a822c8940c..6409886f68 100644 --- a/integration/testdata/dotnet.json.golden +++ b/integration/testdata/dotnet.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/dotnet", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/fluentd-gems.json.golden b/integration/testdata/fluentd-gems.json.golden index 5d25d7dca8..2a6f60da38 100644 --- a/integration/testdata/fluentd-gems.json.golden +++ b/integration/testdata/fluentd-gems.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/fluentd-multiple-lockfiles.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/fluentd-multiple-lockfiles.cdx.json.golden b/integration/testdata/fluentd-multiple-lockfiles.cdx.json.golden index 88362c1fb5..d8583f1ad6 100644 --- a/integration/testdata/fluentd-multiple-lockfiles.cdx.json.golden +++ b/integration/testdata/fluentd-multiple-lockfiles.cdx.json.golden @@ -5,7 +5,7 @@ "serialNumber": "urn:uuid:3ff14136-e09f-4df9-80ea-000000000001", "version": 1, "metadata": { - "timestamp": "2020-09-10T14:20:30+00:00", + "timestamp": "2021-08-25T12:20:30+00:00", "tools": [ { "vendor": "aquasecurity", diff --git a/integration/testdata/fluentd-multiple-lockfiles.json.golden b/integration/testdata/fluentd-multiple-lockfiles.json.golden index 8dd8e07365..46cb86eda6 100644 --- a/integration/testdata/fluentd-multiple-lockfiles.json.golden +++ b/integration/testdata/fluentd-multiple-lockfiles.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/sbom/fluentd-multiple-lockfiles-cyclonedx.json", "ArtifactType": "cyclonedx", "Metadata": { diff --git a/integration/testdata/gomod-skip.json.golden b/integration/testdata/gomod-skip.json.golden index 1dfd67938b..b58c9abed5 100644 --- a/integration/testdata/gomod-skip.json.golden +++ b/integration/testdata/gomod-skip.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/gomod", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/gomod.json.golden b/integration/testdata/gomod.json.golden index 30cee57c31..397cfac892 100644 --- a/integration/testdata/gomod.json.golden +++ b/integration/testdata/gomod.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/gomod", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/gradle.json.golden b/integration/testdata/gradle.json.golden index a7cb434797..eac7bab609 100644 --- a/integration/testdata/gradle.json.golden +++ b/integration/testdata/gradle.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/gradle", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/helm.json.golden b/integration/testdata/helm.json.golden index 39789ee451..08b89c8cbe 100644 --- a/integration/testdata/helm.json.golden +++ b/integration/testdata/helm.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/helm", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/helm_badname.json.golden b/integration/testdata/helm_badname.json.golden index 9ca547ffbb..8b935eb05b 100644 --- a/integration/testdata/helm_badname.json.golden +++ b/integration/testdata/helm_badname.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/helm_badname", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/helm_testchart.json.golden b/integration/testdata/helm_testchart.json.golden index 3ee6bdc26c..00d8c86252 100644 --- a/integration/testdata/helm_testchart.json.golden +++ b/integration/testdata/helm_testchart.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/helm_testchart", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/helm_testchart.overridden.json.golden b/integration/testdata/helm_testchart.overridden.json.golden index 88097a308e..6adb110410 100644 --- a/integration/testdata/helm_testchart.overridden.json.golden +++ b/integration/testdata/helm_testchart.overridden.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/helm_testchart", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/mariner-1.0.json.golden b/integration/testdata/mariner-1.0.json.golden index 31bddad34f..7c93c46e7f 100644 --- a/integration/testdata/mariner-1.0.json.golden +++ b/integration/testdata/mariner-1.0.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/mariner-1.0.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/minikube-kbom.json.golden b/integration/testdata/minikube-kbom.json.golden index 2677251733..4d4b277c7e 100644 --- a/integration/testdata/minikube-kbom.json.golden +++ b/integration/testdata/minikube-kbom.json.golden @@ -1,12 +1,12 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/sbom/minikube-kbom.json", "ArtifactType": "cyclonedx", "Metadata": { "OS": { "Family": "ubuntu", - "Name": "22.04.2", - "EOSL": false + "Name": "22.04.2" }, "ImageConfig": { "architecture": "", diff --git a/integration/testdata/mix.lock.json.golden b/integration/testdata/mix.lock.json.golden index bb55851542..8af6ae4042 100644 --- a/integration/testdata/mix.lock.json.golden +++ b/integration/testdata/mix.lock.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/mixlock", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/npm-with-dev.json.golden b/integration/testdata/npm-with-dev.json.golden index 0b69c7067f..a77dcd400c 100644 --- a/integration/testdata/npm-with-dev.json.golden +++ b/integration/testdata/npm-with-dev.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/npm", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/npm.json.golden b/integration/testdata/npm.json.golden index 3afbd63c5c..0fbf98b5ee 100644 --- a/integration/testdata/npm.json.golden +++ b/integration/testdata/npm.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/npm", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/nuget.json.golden b/integration/testdata/nuget.json.golden index 5a38c64b0a..7f5eb95503 100644 --- a/integration/testdata/nuget.json.golden +++ b/integration/testdata/nuget.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/nuget", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/opensuse-leap-151.json.golden b/integration/testdata/opensuse-leap-151.json.golden index bf314ed0e8..70e4c9f700 100644 --- a/integration/testdata/opensuse-leap-151.json.golden +++ b/integration/testdata/opensuse-leap-151.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/opensuse-leap-151.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/oraclelinux-8.json.golden b/integration/testdata/oraclelinux-8.json.golden index 1755255d77..f280f58ec2 100644 --- a/integration/testdata/oraclelinux-8.json.golden +++ b/integration/testdata/oraclelinux-8.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/oraclelinux-8.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/photon-30.json.golden b/integration/testdata/photon-30.json.golden index b61b30e27d..e3919d189a 100644 --- a/integration/testdata/photon-30.json.golden +++ b/integration/testdata/photon-30.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/photon-30.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/pip.json.golden b/integration/testdata/pip.json.golden index 01eaa3f295..0c69d66da2 100644 --- a/integration/testdata/pip.json.golden +++ b/integration/testdata/pip.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/pip", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/pipenv.json.golden b/integration/testdata/pipenv.json.golden index 663a4f2474..be56a0c3ea 100644 --- a/integration/testdata/pipenv.json.golden +++ b/integration/testdata/pipenv.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/pipenv", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/pnpm.json.golden b/integration/testdata/pnpm.json.golden index 5f79165b34..9a14d80126 100644 --- a/integration/testdata/pnpm.json.golden +++ b/integration/testdata/pnpm.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/pnpm", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/poetry.json.golden b/integration/testdata/poetry.json.golden index 00a7c902e4..0e9389d65e 100644 --- a/integration/testdata/poetry.json.golden +++ b/integration/testdata/poetry.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/poetry", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/pom-cyclonedx.json.golden b/integration/testdata/pom-cyclonedx.json.golden index 3e87c28bee..b5e7f17e14 100644 --- a/integration/testdata/pom-cyclonedx.json.golden +++ b/integration/testdata/pom-cyclonedx.json.golden @@ -5,7 +5,7 @@ "serialNumber": "urn:uuid:3ff14136-e09f-4df9-80ea-000000000001", "version": 1, "metadata": { - "timestamp": "2020-09-10T14:20:30+00:00", + "timestamp": "2021-08-25T12:20:30+00:00", "tools": [ { "vendor": "aquasecurity", @@ -102,6 +102,98 @@ } ], "vulnerabilities": [ + { + "id": "CVE-2021-20190", + "source": { + "name": "glad", + "url": "https://gitlab.com/gitlab-org/advisories-community" + }, + "ratings": [ + { + "source": { + "name": "ghsa" + }, + "severity": "high" + }, + { + "source": { + "name": "nvd" + }, + "score": 8.3, + "severity": "high", + "method": "CVSSv2", + "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C" + }, + { + "source": { + "name": "nvd" + }, + "score": 8.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" + }, + { + "source": { + "name": "redhat" + }, + "score": 8.1, + "severity": "high", + "method": "CVSSv31", + "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + ], + "cwes": [ + 502 + ], + "description": "A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", + "recommendation": "Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.9.10.7", + "advisories": [ + { + "url": "https://avd.aquasec.com/nvd/cve-2021-20190" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2021-20190" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633" + }, + { + "url": "https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a" + }, + { + "url": "https://github.com/FasterXML/jackson-databind/issues/2854" + }, + { + "url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w" + }, + { + "url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" + }, + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20210219-0008/" + } + ], + "published": "2021-01-19T17:15:00+00:00", + "updated": "2021-07-20T23:15:00+00:00", + "affects": [ + { + "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1", + "versions": [ + { + "version": "2.9.1", + "status": "affected" + } + ] + } + ] + }, { "id": "CVE-2020-9548", "source": { @@ -223,98 +315,6 @@ ] } ] - }, - { - "id": "CVE-2021-20190", - "source": { - "name": "glad", - "url": "https://gitlab.com/gitlab-org/advisories-community" - }, - "ratings": [ - { - "source": { - "name": "ghsa" - }, - "severity": "high" - }, - { - "source": { - "name": "nvd" - }, - "score": 8.3, - "severity": "high", - "method": "CVSSv2", - "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C" - }, - { - "source": { - "name": "nvd" - }, - "score": 8.1, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" - }, - { - "source": { - "name": "redhat" - }, - "score": 8.1, - "severity": "high", - "method": "CVSSv31", - "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "cwes": [ - 502 - ], - "description": "A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", - "recommendation": "Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.9.10.7", - "advisories": [ - { - "url": "https://avd.aquasec.com/nvd/cve-2021-20190" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2021-20190" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633" - }, - { - "url": "https://github.com/FasterXML/jackson-databind/commit/7dbf51bf78d157098074a20bd9da39bd48c18e4a" - }, - { - "url": "https://github.com/FasterXML/jackson-databind/issues/2854" - }, - { - "url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w" - }, - { - "url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a@%3Ccommits.nifi.apache.org%3E" - }, - { - "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" - }, - { - "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190" - }, - { - "url": "https://security.netapp.com/advisory/ntap-20210219-0008/" - } - ], - "published": "2021-01-19T17:15:00+00:00", - "updated": "2021-07-20T23:15:00+00:00", - "affects": [ - { - "ref": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1", - "versions": [ - { - "version": "2.9.1", - "status": "affected" - } - ] - } - ] } ] } diff --git a/integration/testdata/pom.json.golden b/integration/testdata/pom.json.golden index a3bfe78d3d..b15579088f 100644 --- a/integration/testdata/pom.json.golden +++ b/integration/testdata/pom.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/pom", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/pubspec.lock.json.golden b/integration/testdata/pubspec.lock.json.golden index 05ff31de63..b67718d741 100644 --- a/integration/testdata/pubspec.lock.json.golden +++ b/integration/testdata/pubspec.lock.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/pubspec", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/rockylinux-8.json.golden b/integration/testdata/rockylinux-8.json.golden index fbd6e64c3d..5fc4816d03 100644 --- a/integration/testdata/rockylinux-8.json.golden +++ b/integration/testdata/rockylinux-8.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/rockylinux-8.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/secrets.asff.golden b/integration/testdata/secrets.asff.golden index 88e9896e65..818ad20f82 100644 --- a/integration/testdata/secrets.asff.golden +++ b/integration/testdata/secrets.asff.golden @@ -6,8 +6,8 @@ "GeneratorId": "Trivy", "AwsAccountId": "123456789012", "Types": [ "Sensitive Data Identifications" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "CRITICAL" }, @@ -35,8 +35,8 @@ "GeneratorId": "Trivy", "AwsAccountId": "123456789012", "Types": [ "Sensitive Data Identifications" ], - "CreatedAt": "2020-08-10T07:28:17.000958601Z", - "UpdatedAt": "2020-08-10T07:28:17.000958601Z", + "CreatedAt": "2021-08-25T12:20:30.000000005Z", + "UpdatedAt": "2021-08-25T12:20:30.000000005Z", "Severity": { "Label": "CRITICAL" }, diff --git a/integration/testdata/secrets.json.golden b/integration/testdata/secrets.json.golden index 10f7d03bcb..4da66ddf2f 100644 --- a/integration/testdata/secrets.json.golden +++ b/integration/testdata/secrets.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/secrets", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/spring4shell-jre11.json.golden b/integration/testdata/spring4shell-jre11.json.golden index a119d3c5b8..794725cf65 100644 --- a/integration/testdata/spring4shell-jre11.json.golden +++ b/integration/testdata/spring4shell-jre11.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/spring4shell-jre11.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/spring4shell-jre8.json.golden b/integration/testdata/spring4shell-jre8.json.golden index c7c58e529e..90927327dc 100644 --- a/integration/testdata/spring4shell-jre8.json.golden +++ b/integration/testdata/spring4shell-jre8.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/spring4shell-jre8.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/swift.json.golden b/integration/testdata/swift.json.golden index ba7fe8ab56..ab0b4ab44a 100644 --- a/integration/testdata/swift.json.golden +++ b/integration/testdata/swift.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/swift", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/test-repo.json.golden b/integration/testdata/test-repo.json.golden index edb23d019f..4fb33be4a3 100644 --- a/integration/testdata/test-repo.json.golden +++ b/integration/testdata/test-repo.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "https://github.com/knqyf263/trivy-ci-test", "ArtifactType": "repository", "Metadata": { diff --git a/integration/testdata/ubi-7.json.golden b/integration/testdata/ubi-7.json.golden index bee1bc2156..bfad8f153e 100644 --- a/integration/testdata/ubi-7.json.golden +++ b/integration/testdata/ubi-7.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/ubi-7.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden index 5428c8bb18..1674c96f7d 100644 --- a/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden +++ b/integration/testdata/ubuntu-1804-ignore-unfixed.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/ubuntu-1804.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/ubuntu-1804.json.golden b/integration/testdata/ubuntu-1804.json.golden index 7f4b38fe27..312a3e19cb 100644 --- a/integration/testdata/ubuntu-1804.json.golden +++ b/integration/testdata/ubuntu-1804.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/images/ubuntu-1804.tar.gz", "ArtifactType": "container_image", "Metadata": { diff --git a/integration/testdata/ubuntu-gp2-x86-vm.json.golden b/integration/testdata/ubuntu-gp2-x86-vm.json.golden index a558c89683..e027cdd00b 100644 --- a/integration/testdata/ubuntu-gp2-x86-vm.json.golden +++ b/integration/testdata/ubuntu-gp2-x86-vm.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "disk.img", "ArtifactType": "vm", "Metadata": { diff --git a/integration/testdata/yarn.json.golden b/integration/testdata/yarn.json.golden index 0c8c7f2c44..816c3221c1 100644 --- a/integration/testdata/yarn.json.golden +++ b/integration/testdata/yarn.json.golden @@ -1,5 +1,6 @@ { "SchemaVersion": 2, + "CreatedAt": 1629894030, "ArtifactName": "testdata/fixtures/repo/yarn", "ArtifactType": "repository", "Metadata": { diff --git a/magefiles/magefile.go b/magefiles/magefile.go index 424c447ac9..7869eb1c5a 100644 --- a/magefiles/magefile.go +++ b/magefiles/magefile.go @@ -266,6 +266,12 @@ func (t Test) Module() error { return sh.RunWithV(ENV, "go", "test", "-v", "-tags=module_integration", "./integration/...") } +// UpdateModuleGolden updates golden files for Wasm integration tests +func (t Test) UpdateModuleGolden() error { + mg.Deps(t.FixtureContainerImages, t.GenerateExampleModules) + return sh.RunWithV(ENV, "go", "test", "-v", "-tags=module_integration", "./integration/...", "-update") +} + // VM runs VM integration tests func (t Test) VM() error { mg.Deps(t.FixtureVMImages) @@ -273,7 +279,8 @@ func (t Test) VM() error { } // UpdateVMGolden updates golden files for integration tests -func (Test) UpdateVMGolden() error { +func (t Test) UpdateVMGolden() error { + mg.Deps(t.FixtureVMImages) return sh.RunWithV(ENV, "go", "test", "-v", "-tags=vm_integration", "./integration/...", "-update") } diff --git a/pkg/scanner/scan.go b/pkg/scanner/scan.go index 931b5b0ea0..1981f4828e 100644 --- a/pkg/scanner/scan.go +++ b/pkg/scanner/scan.go @@ -6,6 +6,7 @@ import ( "github.com/google/wire" "golang.org/x/xerrors" + "github.com/aquasecurity/trivy/pkg/clock" "github.com/aquasecurity/trivy/pkg/fanal/artifact" aimage "github.com/aquasecurity/trivy/pkg/fanal/artifact/image" flocal "github.com/aquasecurity/trivy/pkg/fanal/artifact/local" @@ -172,6 +173,7 @@ func (s Scanner) ScanArtifact(ctx context.Context, options types.ScanOptions) (t return types.Report{ SchemaVersion: report.SchemaVersion, + CreatedAt: clock.Now().Unix(), ArtifactName: artifactInfo.Name, ArtifactType: artifactInfo.Type, Metadata: types.Metadata{ diff --git a/pkg/scanner/scan_test.go b/pkg/scanner/scan_test.go index e32edc9855..808596f745 100644 --- a/pkg/scanner/scan_test.go +++ b/pkg/scanner/scan_test.go @@ -4,10 +4,12 @@ import ( "context" "errors" "testing" + "time" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/aquasecurity/trivy/pkg/clock" "github.com/aquasecurity/trivy/pkg/fanal/artifact" ftypes "github.com/aquasecurity/trivy/pkg/fanal/types" "github.com/aquasecurity/trivy/pkg/types" @@ -17,6 +19,7 @@ func TestScanner_ScanArtifact(t *testing.T) { type args struct { options types.ScanOptions } + clock.SetFakeTime(t, time.Date(2021, 8, 25, 12, 20, 30, 5, time.UTC)) tests := []struct { name string args args @@ -96,6 +99,7 @@ func TestScanner_ScanArtifact(t *testing.T) { }, want: types.Report{ SchemaVersion: 2, + CreatedAt: 1629894030, ArtifactName: "alpine:3.11", ArtifactType: ftypes.ArtifactContainerImage, Metadata: types.Metadata{ diff --git a/pkg/types/report.go b/pkg/types/report.go index a085ee4545..edead1568c 100644 --- a/pkg/types/report.go +++ b/pkg/types/report.go @@ -11,6 +11,7 @@ import ( // Report represents a scan result type Report struct { SchemaVersion int `json:",omitempty"` + CreatedAt int64 `json:",omitempty"` ArtifactName string `json:",omitempty"` ArtifactType ftypes.ArtifactType `json:",omitempty"` Metadata Metadata `json:",omitempty"`
alpine