Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/136 trivy integration #139

Merged
merged 61 commits into from
Jan 7, 2025
Merged

Feature/136 trivy integration #139

merged 61 commits into from
Jan 7, 2025

Conversation

alexander-dammeier
Copy link
Contributor

No description provided.

robertauer and others added 30 commits November 18, 2024 13:47
@robertauer
Add Trivy implementation structure; #136
c2897fb
@robertauer
Add invalid image name test; #136
251cdf1
@robertauer
Fail pipeline on failing unit tests
ec14c12
@robertauer
Implement scanImage method; #136
8cc5d40
@robertauer
Handle null references; #136
cc9b3e6
@robertauer
Move parameters to sensible locations; #136
5a97314
@alexander-dammeier
try to fix pipeline error
0341304
@robertauer
Fix parameter call
6d6dbb7
@alexander-dammeier
#136 fix groovy compile error with constant
d5b41b1
@robertauer
Fix NullPointerException
77ad25b
@robertauer
Use custom exit code on found vulnerabilities; 136
c30624e 
As trivy exits with exit code 1 when it encountered an error, we will use exit code 10 if trivy scanned successful and found vulnerabilities.
Also don't use RuntimeException, which is blocked by Jenkins.
@robertauer
Implement report conversion function; #136
a65c6e2
@robertauer
Save all trivy report files; #136
a28ad47
@robertauer
Add HTML format conversion; #136
096a0aa
@robertauer
Fail on unsupported scan format; #136
c933342
@robertauer
Trivy ignore file is working
7777d4d 
To exclude CVEs from trivy scan, add a .trivyignore file to the
workspace.
The workspace is mounted to the docker container and therefore the
.trivyignore file is integrated into the scan process, if it exists
@robertauer
Enable report file name setting; #136
358b7e2
@robertauer
Avoid rate limits of default Trivy database source; #136
190fb08
@robertauer
Set build status according to strategy; #136
7bd4562
@robertauer
Document Trivy functionality; #136
4183ba2
@robertauer
Adapt tests to new Trivy constructor; #136
5bf7fdf
@robertauer
Add method to scan Dogu images; #136
a32591f
@robertauer
Remove newlines from ssh output; #136
122c87d
@robertauer @alexander-dammeier
#136 implement trivy integration test
326db5c
@alexander-dammeier
Merge branch 'develop' into feature/136_trivy_integration
52f5ddf
@alexander-dammeier
#136 add comments to integration test
91bf4ca
@alexander-dammeier
#136 use javac compiler as default
e6736d9 
also update compiler dependencies
@robertauer
Adapt old trivy function to new implementation; #136
f651b32
@alexander-dammeier
Revert "#136 use javac compiler as default"
5e5703e 
This reverts commit e6736d9.
The problem with this commit was, that now the jenkins pipeline
only creates empty jars. It only works on local machines when
we call our groovy tests directly
@robertauer
Update changelog; #136
dc31bd4
robertauer and others added 22 commits December 10, 2024 11:22
@robertauer
Clarify additional flags defaults; #136
e1d0334
@robertauer
Merge branch 'feature/136_trivy_integration' of github.com:cloudogu/c…
a7feef0 
…es-build-lib into feature/136_trivy_integration
@robertauer
Do not potentially overwrite the original trivy report file; #136
c8484a0
@robertauer
Use class variable instead of hardcoding the directory; #136
12c2a30
@robertauer
Fix path; #136
69b9209
@robertauer
Remove outdated comments; #136
cd604e8
@robertauer
Make trivy image source adjustable; #136
174645f
@robertauer
Enable custom formats for Trivy report conversion; #136
15fe1a9
@robertauer
Do not overwrite first report file on second conversion; #136
aecb7fd
@robertauer
Remove faulty code
d2cb3a7
@robertauer
Let the user decide which file extension to use; #136
e4ea857
@robertauer
Select specific severity levels in formatted report; #136
790c557
@robertauer
Remove unused variable assignment; #136
2bf5665
@meiserloh
#136 - refactor saveFormattedTrivyReport
60eb8f1
@meiserloh
Merge remote-tracking branch 'origin/develop' into feature/136_trivy_…
5baa5a1 
…integration

# Conflicts:
#	CHANGELOG.md
#	pom.xml
@meiserloh
#136 - change Test to Junit5
59946ee
@meiserloh
#136 - add tests for saveFormattedTrivyReport
bcb0de2
@meiserloh
#136 - remove constructor call from parameters to (hopefully) resolve…
640b2a6 
… Jenkins issues
@meiserloh
#136 - Mark function as NonCPS, because of the use of Iterators
5b53198
@robertauer
Use duplicated strings to prevent VerifyError
095f4b7
@meiserloh
#136 - Downgrade Junit & Mockito to be inline with the used JUnit ver…
cc742c0 
…sion (coming from groovy-test)
@meiserloh
Merge remote-tracking branch 'origin/feature/136_trivy_integration' i…
47d53c6 
…nto feature/136_trivy_integration
robertauer
robertauer reviewed Jan 7, 2025
View reviewed changes
@meiserloh meiserloh merged commit 0d8cde4 into develop Jan 7, 2025
1 check was pending
@meiserloh meiserloh deleted the feature/136_trivy_integration branch January 7, 2025 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meiserloh meiserloh meiserloh left review comments

@robertauer robertauer robertauer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexander-dammeier @robertauer @meiserloh