From 519fd18442960319e71998cbe676519019cb2173 Mon Sep 17 00:00:00 2001 From: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> Date: Mon, 24 Jun 2024 16:15:58 -0400 Subject: [PATCH] chore: simplify PR Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com> --- .github/scripts/update-quality-gate-db.sh | 13 ------------- .github/workflows/update-quality-gate-db.yml | 4 +++- Taskfile.yaml | 2 +- test/quality/Makefile | 4 ++-- test/quality/test-db-url | 1 + 5 files changed, 7 insertions(+), 17 deletions(-) delete mode 100755 .github/scripts/update-quality-gate-db.sh create mode 100644 test/quality/test-db-url diff --git a/.github/scripts/update-quality-gate-db.sh b/.github/scripts/update-quality-gate-db.sh deleted file mode 100755 index c2e14f14620..00000000000 --- a/.github/scripts/update-quality-gate-db.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -# Run your command and capture the output -output=$(go run ./cmd/grype/main.go db list) - -# Extract the first instance of URL using grep, cut, and sed to trim leading whitespace -url=$(echo "$output" | grep -m 1 -o 'URL: .*' | cut -d' ' -f2- | sed 's/^[[:space:]]*//') - -# Escape special characters in the URL for sed substitution -escaped_url=$(printf '%s\n' "$url" | sed -e 's/[\/&]/\\&/g') - -# Replace TEST_DB_URL in specific Makefile using sed -sed --e "s|^TEST_DB_URL = .*|TEST_DB_URL = $escaped_url|" test/quality/Makefile diff --git a/.github/workflows/update-quality-gate-db.yml b/.github/workflows/update-quality-gate-db.yml index f8da0887c37..535176b6dbe 100644 --- a/.github/workflows/update-quality-gate-db.yml +++ b/.github/workflows/update-quality-gate-db.yml @@ -3,7 +3,9 @@ on: schedule: - cron: "0 16 1 * *" # first day of each month @ 11 AM EST - workflow-dispatch: + push: + branches: + - workflow-update-test-db permissions: contents: read diff --git a/Taskfile.yaml b/Taskfile.yaml index bd2446a9a55..402235c8ecb 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -104,7 +104,7 @@ tasks: update-quality-gate-db: desc: Update pinned version of quality gate database cmds: - - cmd: .github/scripts/update-quality-gate-db.sh + - cmd: "go run cmd/grype/main.go db list -o json | jq -r .[0].url > test/quality/test-db-url" silent: true list-tools: diff --git a/test/quality/Makefile b/test/quality/Makefile index 56d11c832de..a6c2de856b4 100644 --- a/test/quality/Makefile +++ b/test/quality/Makefile @@ -8,7 +8,7 @@ VULNERABILITY_LABELS = ./vulnerability-labels RESULT_SET = pr_vs_latest_via_sbom # update periodically with values from "grype db list" -TEST_DB_URL = https://toolbox-data.anchore.io/grype/databases/vulnerability-db_v5_2024-06-24T01:29:58Z_1719202889.tar.gz +TEST_DB_URL_FILE = ./test-db-url TEST_DB = db.tar.gz LISTING_FILE = https://toolbox-data.anchore.io/grype/databases/listing.json @@ -43,7 +43,7 @@ check-db: @echo "DB is fresh enough to be used for testing!" $(TEST_DB): - curl -o $(TEST_DB) -SsL $(TEST_DB_URL) + @curl -o $(TEST_DB) -SsL `cat $(TEST_DB_URL_FILE)` .PHONY: sboms sboms: $(YARDSTICK_RESULT_DIR) venv clear-results ## Collect and store all syft results (deletes all existing results) diff --git a/test/quality/test-db-url b/test/quality/test-db-url new file mode 100644 index 00000000000..81961fd188d --- /dev/null +++ b/test/quality/test-db-url @@ -0,0 +1 @@ +https://toolbox-data.anchore.io/grype/databases/vulnerability-db_v5_2024-06-24T01:29:58Z_1719202889.tar.gz