Skip to content

Commit

Permalink
Upgrade trivy version (#2143)
Browse files Browse the repository at this point in the history 
* Upgrade trivy sarif args

Fixes #2136

* Upgrade trivy
  • Loading branch information
@nvuillam
nvuillam committed Dec 18, 2022
1 parent 94e274a commit 9beb4d0
Show file tree
Hide file tree
Showing 18 changed files with 20 additions and 57 deletions.
4 changes: 1 addition & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -558,9 +558,7 @@ RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.6.9 \
&& curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin \

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# sfdx-scanner-apex installation
&& sfdx plugins:install @salesforce/sfdx-scanner \
Expand Down
4 changes: 1 addition & 3 deletions flavors/ci_light/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -200,9 +200,7 @@ RUN ML_THIRD_PARTY_DIR="/third-party/shellcheck" \
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0


#OTHER__END
Expand Down
4 changes: 1 addition & 3 deletions flavors/cupcake/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -376,9 +376,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/documentation/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,9 +260,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/dotnet/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -339,9 +339,7 @@ RUN curl --retry 5 --retry-delay 5 -sLO "${ARM_TTK_URI}" \
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/go/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -272,9 +272,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/java/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,9 +289,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/javascript/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -280,9 +280,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/php/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -301,9 +301,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/python/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,9 +275,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/ruby/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -265,9 +265,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/rust/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,9 +260,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/salesforce/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -269,9 +269,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# sfdx-scanner-apex installation
&& sfdx plugins:install @salesforce/sfdx-scanner \
Expand Down
4 changes: 1 addition & 3 deletions flavors/security/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -233,9 +233,7 @@ RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.6.9 \
&& curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin \

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# tflint installation
# Managed with COPY --from=tflint /usr/local/bin/tflint /usr/bin/
Expand Down
4 changes: 1 addition & 3 deletions flavors/swift/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -263,9 +263,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions flavors/terraform/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -270,9 +270,7 @@ RUN go install github.com/rhysd/actionlint/cmd/actionlint@latest && go clean --c
# Managed with COPY --from=gitleaks /usr/bin/gitleaks /usr/bin/

# trivy installation
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl \
&& wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0 \

# misspell installation
&& ML_THIRD_PARTY_DIR="/third-party/misspell" \
Expand Down
4 changes: 1 addition & 3 deletions linters/repository_trivy/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,9 +122,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \
#############################################################################################
#OTHER__START
# trivy installation
RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl
RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0


#OTHER__END
Expand Down
9 changes: 3 additions & 6 deletions megalinter/descriptors/repository.megalinter-descriptor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -368,9 +368,7 @@ linters:
cli_lint_mode: project
cli_sarif_args:
- --format
- template
- --template
- "@/usr/local/bin/sarif.tpl"
- sarif
- -o
- "{{SARIF_OUTPUT_FILE}}"
cli_lint_extra_args:
Expand All @@ -384,12 +382,11 @@ linters:
test_folder: trivy
examples:
- "trivy fs --security-checks vuln,config ."
downgraded_version: true
install:
dockerfile:
- |
RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.29.2 && \
wget --tries=5 -q -O /usr/local/bin/sarif.tpl https://raw.githubusercontent.com/aquasecurity/trivy/714b5ca2460363e082d42a8d933c7a0cb7eff7a8/contrib/sarif.tpl && \
chmod 644 /usr/local/bin/sarif.tpl
RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.35.0
ide:
vscode:
- name: VSCode Trivy
Expand Down

0 comments on commit 9beb4d0

Please sign in to comment.