Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Add input grype-version #228

Merged
merged 29 commits into from
Nov 20, 2023
Merged

[feature] Add input grype-version #228

merged 29 commits into from
Nov 20, 2023

Conversation

ViacheslavKudinov
Copy link
Contributor

@ViacheslavKudinov ViacheslavKudinov commented May 30, 2023
edited

  • Added grype-version input to have ability to set specific version of Grype.
  • Removed debug input related things (input doesn't exist on the current version of JS code but adds extra annotation on Action tab:

"Unexpected input(s) 'debug', valid inputs are ['image', 'path', 'sbom', 'fail-build', 'output-format', 'severity-cutoff', 'only-fixed', 'add-cpes-if-none', 'by-cve']")

@ViacheslavKudinov ViacheslavKudinov marked this pull request as ready for review May 30, 2023 12:41
@ViacheslavKudinov ViacheslavKudinov changed the title Added input grype-version Add input grype-version Jun 1, 2023
@ViacheslavKudinov
Copy link
Contributor Author

Could be test of input has to be moved to some "demo" workflow, not sure about this moment.
Let me know if i have to move this part.

@ViacheslavKudinov
Copy link
Contributor Author

ViacheslavKudinov commented Jun 11, 2023
edited

Hi @kzantow
Could you, please, take a look?

@ViacheslavKudinov ViacheslavKudinov changed the title Add input grype-version [feature] Add input grype-version Jul 16, 2023
@ViacheslavKudinov
Copy link
Contributor Author

Hello,
any news on approving/rejecting/etc this one?

ViacheslavKudinov and others added 15 commits November 16, 2023 17:45
@ViacheslavKudinov
Added input grype-version
7d64c51 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Added test of specific version
66ee7a4 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Added specific version
1d3ba17 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Added flag to no fail
b9cf4dc 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Updated outdated Actions
cf68309 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Removed debug input
ec07169 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Removed debug from tests
3ae97a2 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Removed debug from tests
3ceab09 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Typo fix
9aba60f 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@anchore-actions-token-generator @willmurphyscode
chore(deps): update Grype to v0.63.0 (#225)
4c71323 
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: willmurphyscode <willmurphyscode@users.noreply.github.com>
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@wagoodman
add oss community board auto-add workflow (#231)
0c95533 
Signed-off-by: Viacheslav Kudinov <viacheslavkudinov@VK-MacBook-Pro-14-M1.local>
@ViacheslavKudinov
Merge witn main
7a57916 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Update demo.yml with checkout@v4
bd43ad0 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Update sarifdemo.yml with checkout@v4
1ea3736 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Update test.yml with checkout@v4
f0a9f17 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov ViacheslavKudinov marked this pull request as draft November 16, 2023 16:51
@ViacheslavKudinov
Merge witn main
ff3684e 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Fix of default for grype_version
6bd6329 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Update semver from 6.3.0 to 6.3.1
5e27c53 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Revert update semver from 6.3.0 to 6.3.1
7d4da52 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Audid fix
ce342b1 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Dist
141e484 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Set the Grype version to download v0.73.1
4151b23 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Updated tests
8a55b4d 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Merge branch 'main' into feature/add-version-input
9061c99
@ViacheslavKudinov
Rebuild
e7b99c5 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov
Set timeout 50000
29a303c 
Signed-off-by: Viacheslav Kudinov <viacheslav@kudinov.tech>
@ViacheslavKudinov ViacheslavKudinov marked this pull request as ready for review November 16, 2023 19:29
@ViacheslavKudinov
Copy link
Contributor Author

Hi @willmurphyscode
is there any reaction from the "main" contributors?

@ViacheslavKudinov
Copy link
Contributor Author

or @wagoodman ?

@willmurphyscode
Copy link
Contributor

Hi @ViacheslavKudinov,

Thanks much for the contribution, and sorry for the delay. I'm trying to get a release out today that will update to latest grype, and then have a couple additional chores to do in the repo. After that I'll get the changes from main into this branch and then try to get it reviewed and merged.

@willmurphyscode willmurphyscode self-assigned this Nov 20, 2023
@ViacheslavKudinov
Copy link
Contributor Author

Hi @willmurphyscode
thank you for the answer.
When new release done, i can fix conflicts to get it resolved before review.

@ViacheslavKudinov
Copy link
Contributor Author

ViacheslavKudinov commented Nov 20, 2023
edited

@willmurphyscode related question.
Why did you decide to remove jest snapshot testing when version was updated?
I could update it and get new snapshot with v0.73.1. Could be easy to get same for v0.73.3.

@willmurphyscode
Copy link
Contributor

@ViacheslavKudinov good question! We removed snapshot testing for a few reasons:

  1. This repo's job is to invoke grype, not test the output of grype. Snapshot tests on the output of grype's output belong in the grype repo.
  2. Most changes to this repo are just bumping grype, which usually changes the output at least a bit, so we have to update snapshots on almost every change; having snapshot tests that need to change every time we bump grype just adds friction to keeping the repo up to date.

@willmurphyscode
Copy link
Contributor

@ViacheslavKudinov thanks for offering to get your changes rebased on the new release!

I also plan to upgrade an pin some actions today. If you wouldn't mind waiting until #250 is in, that would probably save you rebasing / merging main again.

@ViacheslavKudinov
Copy link
Contributor Author

I will merge GH Actions changes into my branch as well.

@ViacheslavKudinov ViacheslavKudinov marked this pull request as draft November 20, 2023 16:15
@ViacheslavKudinov ViacheslavKudinov marked this pull request as ready for review November 20, 2023 16:42
@willmurphyscode willmurphyscode merged commit 69f27a5 into anchore:main Nov 20, 2023
9 checks passed
@willmurphyscode
Copy link
Contributor

Thanks @ViacheslavKudinov! We'll get this out in the next release.

@ViacheslavKudinov
Copy link
Contributor Author

Thank you @willmurphyscode

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willmurphyscode willmurphyscode willmurphyscode approved these changes

Assignees

@willmurphyscode willmurphyscode

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ViacheslavKudinov @willmurphyscode @wagoodman