Open simar7 opened 3 months ago
CI in trivy-checks is already doing integration testing of the checks bundle with the latest version of Trivy and seems to meet all the requirements described here. https://github.com/aquasecurity/trivy-checks/blob/main/scripts/verify-bundle.go
CI in trivy-checks is already doing integration testing of the checks bundle with the latest version of Trivy and seems to meet all the requirements described here. https://github.com/aquasecurity/trivy-checks/blob/main/scripts/verify-bundle.go
Yes but there's currently no functional verification. We also lack testing against multiple versions of Trivy as we only test latest
right now.
Today when a PR is submitted in the checks repo, we have some basic testing that takes place as described in this workload. However, it offers no integration testing with Trivy itself.
For this to take place, we can do the following:
By adding this automated layer of testing two problems will be tackled: