* Skip downloading DB if a remote DB is not updated
* Apply suggestions from code review
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
* update github.com/aquasecurity/trivy-db version
* fix lint
* Use UTC datetime
* display DownloadedAt info in debug log
* refactor(db): merge isLatestDB into isNewDB
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
* add linter supports
* add only minor version
* use latest version
* Fix println with format issue
* Fix test
* Fix tests
* For slice with unknown length, preallocating the array
* fix code-coverage
* Removed linter rules
* Reverting linter fixes, adding TODO for later
* Ignore linter error for import
* Remove another err var.
* Ignore shadow error
* Fixes
* Fix issue
* Add back goimports local-prefixes
* Update local prefixes
* Removed extra spaces and merge the imports
* more refactoring
* Update photon.go
Co-authored-by: Teppei Fukuda <knqyf263@gmail.com>
* refactor: wrap errors
* feat(db): add the metadata file
* test(db): re-generate mocks
* fix(app): read metadata from the file in showVersion
* fix: open the database after downloading it
* fix(operation): use UpdateMetadata
* chore(mod): update dependency
* test(integration): fix tests
* fix(conf): rename TRIVY_NONSSL to TRIVY_NON_SSL
* fix(github): return db size
* fix(github_mock): add size
* feat(indicator): add progress bar
* refactor(config): remove global Quiet
* fix(db): take progress bar as an argument
* fix(progress): inject progress bar
* Support Amazon Linux
* amazon: Add tests for Scanner Detect functionality
* amazon: Add more test cases for unhappy paths.
This commit also asserts the logged output via observer.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Add a test case for invalid fixed pkg version
Signed-off-by: Simarpreet Singh <simar@linux.com>
* mod: go mod tidy
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Inject dependency seams for exposed db interface and logger.
This commit also exposes an interface for doing db operations.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Use injected logger for scanner.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon_test: Add a sample testdata dir
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Add tests for for Get() for amazon vulns.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* vulnsrc_test: Fix invocation call to SetVersion()
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon_test: Add a test for severirtyFromPriority
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon_test: Add tests for constructVersion()
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Refactor walkFunc outside for testability purposes
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Refactor walkFn and add tests for it.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* amazon: Refactor commitFunc closure and add tests
This commit also introduces an interface for the
vulnerability package to be used as a seam.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* Revert "amazon: Use injected logger for scanner."
This reverts commit 5a81e4d824a95f4de4aae2e2b903eedd0f7e241f.
* test(amazon): fix failed tests
* fix(vulnerability): trim references
* test(amazon): add integration test
* Added cache-dir flag
The flag cache-dir allows users to specify the cache directory the
database is stored in.
Signed-off-by: Ken Herner <kherner@navistone.com>
* Moved dbDir definition into functions
Need to move dbDir definition into the calling functions as the cache
directory may have been specified. With dbDir defined at package level,
it would always be instantiated to the default value and would never be
updated to the user specifyed value.
Signed-off-by: Ken Herner <kherner@navistone.com>
