diff --git a/test/test.bats b/test/test.bats index 857c4fd..87d9d4d 100644 --- a/test/test.bats +++ b/test/test.bats @@ -64,7 +64,7 @@ function compare_files() { @test "trivy repo with securityCheck secret only" { # trivy repo -f json -o repo.test --scanners=secret https://github.com/krol3/demo-trivy/ export TRIVY_FORMAT=json TRIVY_OUTPUT=repo.json TRIVY_SCANNERS=secret INPUT_SCAN_TYPE=repo INPUT_SCAN_REF="https://github.com/krol3/demo-trivy/" - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files repo.json ./test/data/secret-scan/report.json reset_envs } @@ -72,7 +72,7 @@ function compare_files() { @test "trivy image" { # trivy image --severity CRITICAL -o image.test knqyf263/vuln-image:1.2.3 export TRIVY_OUTPUT=image.test TRIVY_SEVERITY=CRITICAL INPUT_SCAN_TYPE=image INPUT_SCAN_REF=knqyf263/vuln-image:1.2.3 - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files image.test ./test/data/image-scan/report reset_envs } @@ -80,7 +80,7 @@ function compare_files() { @test "trivy config sarif report" { # trivy config -f sarif -o config-sarif.test ./test/data/config-sarif-report export TRIVY_FORMAT=sarif TRIVY_OUTPUT=config-sarif.sarif INPUT_SCAN_TYPE=config INPUT_SCAN_REF=./test/data/config-sarif-report - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files config-sarif.sarif ./test/data/config-sarif-report/report.sarif reset_envs } @@ -88,7 +88,7 @@ function compare_files() { @test "trivy config" { # trivy config -f json -o config.json ./test/data/config-scan export TRIVY_FORMAT=json TRIVY_OUTPUT=config.json INPUT_SCAN_TYPE=config INPUT_SCAN_REF=./test/data/config-scan - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files config.json ./test/data/config-scan/report.json reset_envs } @@ -97,7 +97,7 @@ function compare_files() { # trivy rootfs --output rootfs.test ./test/data/rootfs-scan # TODO: add data export TRIVY_OUTPUT=rootfs.test INPUT_SCAN_TYPE=rootfs INPUT_SCAN_REF=./test/data/rootfs-scan - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files rootfs.test ./test/data/rootfs-scan/report reset_envs } @@ -106,7 +106,7 @@ function compare_files() { # trivy fs --output fs.test ./test/data/fs-scan # TODO: add data export TRIVY_OUTPUT=fs.test INPUT_SCAN_TYPE=fs INPUT_SCAN_REF=./test/data/fs-scan - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files fs.test ./test/data/fs-scan/report reset_envs } @@ -122,7 +122,7 @@ function compare_files() { @test "trivy image with sbom output" { # trivy image --format github knqyf263/vuln-image:1.2.3 export TRIVY_FORMAT=github TRIVY_OUTPUT=github-dep-snapshot.gsbom INPUT_SCAN_TYPE=image INPUT_SCAN_REF=knqyf263/vuln-image:1.2.3 - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files github-dep-snapshot.gsbom ./test/data/github-dep-snapshot/report.gsbom reset_envs } @@ -130,7 +130,7 @@ function compare_files() { @test "trivy image with trivy.yaml config" { # trivy --config=./test/data/with-trivy-yaml-cfg/trivy.yaml image alpine:3.10 export TRIVY_CONFIG=./test/data/with-trivy-yaml-cfg/trivy.yaml INPUT_SCAN_TYPE=image INPUT_SCAN_REF=alpine:3.10 - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files yamlconfig.json ./test/data/with-trivy-yaml-cfg/report.json reset_envs } @@ -138,7 +138,7 @@ function compare_files() { @test "trivy image with custom docker-host" { # trivy image --docker-host unix:///var/run/docker.sock --severity CRITICAL --output image.test knqyf263/vuln-image:1.2.3 export TRIVY_OUTPUT=image.test TRIVY_SEVERITY=CRITICAL INPUT_SCAN_TYPE=image INPUT_SCAN_REF=knqyf263/vuln-image:1.2.3 TRIVY_DOCKER_HOST=unix:///var/run/docker.sock - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files image.test ./test/data/image-scan/report reset_envs } @@ -146,7 +146,7 @@ function compare_files() { @test "trivy config with terraform variables" { # trivy config -f json -o tfvars.json --severity MEDIUM --tf-vars ./test/data/with-tf-vars/dev.tfvars ./test/data/with-tf-vars/main.tf export TRIVY_FORMAT=json TRIVY_SEVERITY=MEDIUM TRIVY_OUTPUT=tfvars.json INPUT_SCAN_TYPE=config INPUT_SCAN_REF=./test/data/with-tf-vars/main.tf TRIVY_TF_VARS=./test/data/with-tf-vars/dev.tfvars - run -0 ./entrypoint.sh + ./entrypoint.sh compare_files tfvars.json ./test/data/with-tf-vars/report.json reset_envs } \ No newline at end of file