feat: support config scanning (aquasecurity#931)

boly38 · Jul 9, 2021 · a0e5c3a · a0e5c3a
1 parent 712f9eb
commit a0e5c3a
Show file tree

Hide file tree

Showing 122 changed files with 4,385 additions and 1,112 deletions.
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
@@ -14,10 +14,12 @@ jobs:
           scan-type: 'fs'
           exit-code: '1'
           severity: 'CRITICAL'
+          skip-dirs: integration
 
       - name: Run Trivy vulnerability scanner to scan for Medium and High Vulnerabilities
         uses: aquasecurity/trivy-action@master
         with:
           scan-type: 'fs'
           exit-code: '0'
-          severity: 'HIGH,MEDIUM'
+          severity: 'HIGH,MEDIUM'
+          skip-dirs: integration
diff --git a/.gitignore b/.gitignore
@@ -23,7 +23,7 @@ thumbs.db
 
 # test fixtures
 coverage.txt
-integration/testdata/fixtures/
+integration/testdata/fixtures/images
 
 # SBOMs generated during CI
 /bom.json
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -6,12 +6,10 @@ linters-settings:
     check-shadowing: false
   gofmt:
     simplify: false
-  golint:
-    min-confidence: 0
+  revive:
+    ignore-generated-header: true
   gocyclo:
     min-complexity: 10
-  maligned:
-    suggest-new: true
   dupl:
     threshold: 100
   goconst:
@@ -32,14 +30,13 @@ linters:
     - errcheck
     - varcheck
     - deadcode
-    - golint
+    - revive
     - gosec
     - unconvert
     - goconst
     - gocyclo
     - gofmt
     - goimports
-    - maligned
     - misspell
 
 run:

diff --git a/Makefile b/Makefile
@@ -33,11 +33,11 @@ $(GOBIN)/golangci-lint:
 test:
 	go test -v -short -coverprofile=coverage.txt -covermode=atomic ./...
 
-integration/testdata/fixtures/*.tar.gz:
-	git clone https://github.com/aquasecurity/trivy-test-images.git integration/testdata/fixtures
+integration/testdata/fixtures/images/*.tar.gz:
+	git clone https://github.com/aquasecurity/trivy-test-images.git integration/testdata/fixtures/images
 
 .PHONY: test-integration
-test-integration: integration/testdata/fixtures/*.tar.gz
+test-integration: integration/testdata/fixtures/images/*.tar.gz
 	go test -v -tags=integration ./integration/...
 
 .PHONY: lint
@@ -62,7 +62,7 @@ install:
 
 .PHONY: clean
 clean:
-	rm -rf integration/testdata/fixtures/
+	rm -rf integration/testdata/fixtures/images
 
 $(GOBIN)/labeler:
 	go install github.com/knqyf263/labeler@latest