diff --git a/checks/docker/add_instead_of_copy.rego b/checks/docker/add_instead_of_copy.rego index 7e9d135c..b5bd9795 100644 --- a/checks/docker/add_instead_of_copy.rego +++ b/checks/docker/add_instead_of_copy.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/add_instead_of_copy.yaml package builtin.dockerfile.DS005 import data.lib.docker diff --git a/checks/docker/apt_get_missing_yes_flag_to_avoid_manual_input.rego b/checks/docker/apt_get_missing_yes_flag_to_avoid_manual_input.rego index 7645f11a..d3b317c9 100644 --- a/checks/docker/apt_get_missing_yes_flag_to_avoid_manual_input.rego +++ b/checks/docker/apt_get_missing_yes_flag_to_avoid_manual_input.rego @@ -16,6 +16,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/apt_get_missing_yes_flag_to_avoid_manual_input.yaml package builtin.dockerfile.DS021 import data.lib.docker diff --git a/checks/docker/copy_from_references_current_from_alias.rego b/checks/docker/copy_from_references_current_from_alias.rego index c80f444d..d442ed52 100644 --- a/checks/docker/copy_from_references_current_from_alias.rego +++ b/checks/docker/copy_from_references_current_from_alias.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/copy_from_references_current_from_alias.yaml package builtin.dockerfile.DS006 import data.lib.docker diff --git a/checks/docker/copy_with_more_than_two_arguments_not_ending_with_slash.rego b/checks/docker/copy_with_more_than_two_arguments_not_ending_with_slash.rego index 50dca814..5f1956fd 100644 --- a/checks/docker/copy_with_more_than_two_arguments_not_ending_with_slash.rego +++ b/checks/docker/copy_with_more_than_two_arguments_not_ending_with_slash.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/copy_with_more_than_two_arguments_not_ending_with_slash.yaml package builtin.dockerfile.DS011 import data.lib.docker diff --git a/checks/docker/latest_tag.rego b/checks/docker/latest_tag.rego index 3aff03d6..a605eae7 100644 --- a/checks/docker/latest_tag.rego +++ b/checks/docker/latest_tag.rego @@ -13,6 +13,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/latest_tag.yaml package builtin.dockerfile.DS001 import data.lib.docker diff --git a/checks/docker/maintainer_is_deprecated.rego b/checks/docker/maintainer_is_deprecated.rego index 762f05fc..095892ef 100644 --- a/checks/docker/maintainer_is_deprecated.rego +++ b/checks/docker/maintainer_is_deprecated.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/maintainer_is_deprecated.yaml package builtin.dockerfile.DS022 import data.lib.docker diff --git a/checks/docker/missing_dnf_clean_all.rego b/checks/docker/missing_dnf_clean_all.rego index 182c6806..268e3e08 100644 --- a/checks/docker/missing_dnf_clean_all.rego +++ b/checks/docker/missing_dnf_clean_all.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/missing_dnf_clean_all.yaml package builtin.dockerfile.DS019 import data.lib.docker diff --git a/checks/docker/missing_zypper_clean.rego b/checks/docker/missing_zypper_clean.rego index 657f2004..b6ebd41d 100644 --- a/checks/docker/missing_zypper_clean.rego +++ b/checks/docker/missing_zypper_clean.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/missing_zypper_clean.yaml package builtin.dockerfile.DS020 import data.lib.docker diff --git a/checks/docker/multiple_cmd_instructions_listed.rego b/checks/docker/multiple_cmd_instructions_listed.rego index 2712590f..b81e5a81 100644 --- a/checks/docker/multiple_cmd_instructions_listed.rego +++ b/checks/docker/multiple_cmd_instructions_listed.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/multiple_cmd_instructions_listed.yaml package builtin.dockerfile.DS016 import data.lib.docker diff --git a/checks/docker/multiple_entrypoint_instructions_listed.rego b/checks/docker/multiple_entrypoint_instructions_listed.rego index 89783d3d..979fc43f 100644 --- a/checks/docker/multiple_entrypoint_instructions_listed.rego +++ b/checks/docker/multiple_entrypoint_instructions_listed.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/multiple_entrypoint_instructions_listed.yaml package builtin.dockerfile.DS007 import data.lib.docker diff --git a/checks/docker/multiple_healthcheck_instructions.rego b/checks/docker/multiple_healthcheck_instructions.rego index bb916d5c..ba9ea162 100644 --- a/checks/docker/multiple_healthcheck_instructions.rego +++ b/checks/docker/multiple_healthcheck_instructions.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/multiple_healthcheck_instructions.yaml package builtin.dockerfile.DS023 import data.lib.docker diff --git a/checks/docker/port22.rego b/checks/docker/port22.rego index 106866ac..46a9d7e8 100644 --- a/checks/docker/port22.rego +++ b/checks/docker/port22.rego @@ -13,6 +13,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/port22.yaml package builtin.dockerfile.DS004 import data.lib.docker diff --git a/checks/docker/root_user.rego b/checks/docker/root_user.rego index 71eeb085..17156f34 100644 --- a/checks/docker/root_user.rego +++ b/checks/docker/root_user.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/root_user.yaml package builtin.dockerfile.DS002 import data.lib.docker diff --git a/checks/docker/run_apt_get_dist_upgrade.rego b/checks/docker/run_apt_get_dist_upgrade.rego index d92163f9..5bded83d 100644 --- a/checks/docker/run_apt_get_dist_upgrade.rego +++ b/checks/docker/run_apt_get_dist_upgrade.rego @@ -13,6 +13,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/run_apt_get_dist_upgrade.yaml package builtin.dockerfile.DS024 import data.lib.docker diff --git a/checks/docker/run_command_cd_instead_of_workdir.rego b/checks/docker/run_command_cd_instead_of_workdir.rego index e9012490..859f6b78 100644 --- a/checks/docker/run_command_cd_instead_of_workdir.rego +++ b/checks/docker/run_command_cd_instead_of_workdir.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/run_command_cd_instead_of_workdir.yaml package builtin.dockerfile.DS013 import data.lib.docker diff --git a/checks/docker/run_using_sudo.rego b/checks/docker/run_using_sudo.rego index d4710013..6ec882d1 100644 --- a/checks/docker/run_using_sudo.rego +++ b/checks/docker/run_using_sudo.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/run_using_sudo.yaml package builtin.dockerfile.DS010 import data.lib.docker diff --git a/checks/docker/run_using_wget_and_curl.rego b/checks/docker/run_using_wget_and_curl.rego index 2838de9a..66e170ec 100644 --- a/checks/docker/run_using_wget_and_curl.rego +++ b/checks/docker/run_using_wget_and_curl.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/run_using_wget_and_curl.yaml package builtin.dockerfile.DS014 import data.lib.docker diff --git a/checks/docker/same_alias_in_different_froms.rego b/checks/docker/same_alias_in_different_froms.rego index a573dea8..1053cb00 100644 --- a/checks/docker/same_alias_in_different_froms.rego +++ b/checks/docker/same_alias_in_different_froms.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/same_alias_in_different_froms.yaml package builtin.dockerfile.DS012 import data.lib.docker diff --git a/checks/docker/unix_ports_out_of_range.rego b/checks/docker/unix_ports_out_of_range.rego index 0235406f..bc5da560 100644 --- a/checks/docker/unix_ports_out_of_range.rego +++ b/checks/docker/unix_ports_out_of_range.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/unix_ports_out_of_range.yaml package builtin.dockerfile.DS008 import data.lib.docker diff --git a/checks/docker/update_instruction_alone.rego b/checks/docker/update_instruction_alone.rego index fb59257b..1c0bac19 100644 --- a/checks/docker/update_instruction_alone.rego +++ b/checks/docker/update_instruction_alone.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/update_instruction_alone.yaml package builtin.dockerfile.DS017 import data.lib.docker diff --git a/checks/docker/workdir_path_not_absolute.rego b/checks/docker/workdir_path_not_absolute.rego index 4cabe688..83ac2ff4 100644 --- a/checks/docker/workdir_path_not_absolute.rego +++ b/checks/docker/workdir_path_not_absolute.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/workdir_path_not_absolute.yaml package builtin.dockerfile.DS009 import data.lib.docker diff --git a/checks/docker/yum_clean_all_missing.rego b/checks/docker/yum_clean_all_missing.rego index fbe5937a..e272f719 100644 --- a/checks/docker/yum_clean_all_missing.rego +++ b/checks/docker/yum_clean_all_missing.rego @@ -15,6 +15,7 @@ # input: # selector: # - type: dockerfile +# examples: checks/docker/yum_clean_all_missing.yaml package builtin.dockerfile.DS015 import future.keywords.in diff --git a/go.mod b/go.mod index 77b61f7c..c541004e 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,8 @@ go 1.22.9 toolchain go1.23.0 +replace github.com/aquasecurity/trivy => /Users/nikita/projects/trivy + require ( github.com/aquasecurity/trivy v0.57.1-0.20241202232542-54130dcc1d77 github.com/aws-cloudformation/rain v1.19.0 @@ -105,10 +107,10 @@ require ( github.com/chzyer/readline v1.5.1 // indirect github.com/cloudflare/circl v1.3.8 // indirect github.com/containerd/cgroups/v3 v3.0.3 // indirect - github.com/containerd/containerd v1.7.23 // indirect + github.com/containerd/containerd v1.7.24 // indirect github.com/containerd/containerd/api v1.8.0 // indirect github.com/containerd/containerd/v2 v2.0.0 // indirect - github.com/containerd/continuity v0.4.4 // indirect + github.com/containerd/continuity v0.4.5 // indirect github.com/containerd/errdefs v1.0.0 // indirect github.com/containerd/errdefs/pkg v0.3.0 // indirect github.com/containerd/fifo v1.1.0 // indirect @@ -117,7 +119,7 @@ require ( github.com/containerd/plugin v1.0.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect github.com/containerd/ttrpc v1.2.6 // indirect - github.com/containerd/typeurl/v2 v2.2.2 // indirect + github.com/containerd/typeurl/v2 v2.2.3 // indirect github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect github.com/cyphar/filepath-securejoin v0.3.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect @@ -128,9 +130,9 @@ require ( github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect github.com/distribution/reference v0.6.0 // indirect github.com/dlclark/regexp2 v1.4.0 // indirect - github.com/docker/cli v27.3.1+incompatible // indirect + github.com/docker/cli v27.4.0-rc.2+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v27.3.1+incompatible // indirect + github.com/docker/docker v27.4.0-rc.2+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-metrics v0.0.1 // indirect @@ -252,7 +254,7 @@ require ( github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/buildkit v0.17.2 // indirect + github.com/moby/buildkit v0.18.0 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/locker v1.0.1 // indirect github.com/moby/spdystream v0.4.0 // indirect diff --git a/go.sum b/go.sum index 9bd6c626..7b3e1a74 100644 --- a/go.sum +++ b/go.sum @@ -349,10 +349,6 @@ github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8 h1:b43UVqY github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8/go.mod h1:wXA9k3uuaxY3yu7gxrxZDPo/04FEMJtwyecdAlYrEIo= github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo= github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY= -github.com/aquasecurity/trivy v0.57.1-0.20241127185709-c238c515b831 h1:Ol9LT6V3KXCwaJE6lyeOR+3NGgDyA0HOXvPtumz/dxA= -github.com/aquasecurity/trivy v0.57.1-0.20241127185709-c238c515b831/go.mod h1:fURPZjqUDH08tYy/2EhU4k0uAOzXcPAJeM2O0Z6k0nU= -github.com/aquasecurity/trivy v0.57.1-0.20241202232542-54130dcc1d77 h1:asWezOVucyj/9U+XUYgp/T952z1rpS1o1Kd+KyZD1C0= -github.com/aquasecurity/trivy v0.57.1-0.20241202232542-54130dcc1d77/go.mod h1:ZFPGXENLDMCKV7uXY3G1dloqMki9SZBHZldFo2aqupA= github.com/aquasecurity/trivy-db v0.0.0-20241120092622-333d808d7e45 h1:ljinbg7JTQvdnzuRsPYS6btA51SyGYWKCQInxSIwbRw= github.com/aquasecurity/trivy-db v0.0.0-20241120092622-333d808d7e45/go.mod h1:Lg2avQhFy5qeGA0eMysI/61REVvWpEltverCarGc3l0= github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 h1:JVgBIuIYbwG+ekC5lUHUpGJboPYiCcxiz06RCtz8neI= @@ -493,14 +489,14 @@ github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w= github.com/containerd/cgroups/v3 v3.0.3 h1:S5ByHZ/h9PMe5IOQoN7E+nMc2UcLEM/V48DGDJ9kip0= github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0= -github.com/containerd/containerd v1.7.23 h1:H2CClyUkmpKAGlhQp95g2WXHfLYc7whAuvZGBNYOOwQ= -github.com/containerd/containerd v1.7.23/go.mod h1:7QUzfURqZWCZV7RLNEn1XjUCQLEf0bkaK4GjUaZehxw= +github.com/containerd/containerd v1.7.24 h1:zxszGrGjrra1yYJW/6rhm9cJ1ZQ8rkKBR48brqsa7nA= +github.com/containerd/containerd v1.7.24/go.mod h1:7QUzfURqZWCZV7RLNEn1XjUCQLEf0bkaK4GjUaZehxw= github.com/containerd/containerd/api v1.8.0 h1:hVTNJKR8fMc/2Tiw60ZRijntNMd1U+JVMyTRdsD2bS0= github.com/containerd/containerd/api v1.8.0/go.mod h1:dFv4lt6S20wTu/hMcP4350RL87qPWLVa/OHOwmmdnYc= github.com/containerd/containerd/v2 v2.0.0 h1:qLDdFaAykQrIyLiqwQrNLLz95wiC36bAZVwioUwqShM= github.com/containerd/containerd/v2 v2.0.0/go.mod h1:j25kDy9P48/ngb1sxWIFfK6GsnqOHoSqo1EpAod20VQ= -github.com/containerd/continuity v0.4.4 h1:/fNVfTJ7wIl/YPMHjf+5H32uFhl63JucB34PlCpMKII= -github.com/containerd/continuity v0.4.4/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= +github.com/containerd/continuity v0.4.5 h1:ZRoN1sXq9u7V6QoHMcVWGhOwDFqZ4B9i5H6un1Wh0x4= +github.com/containerd/continuity v0.4.5/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M= github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE= @@ -517,8 +513,8 @@ github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk= github.com/containerd/ttrpc v1.2.6 h1:zG+Kn5EZ6MUYCS1t2Hmt2J4tMVaLSFEJVOraDQwNPC4= github.com/containerd/ttrpc v1.2.6/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= -github.com/containerd/typeurl/v2 v2.2.2 h1:3jN/k2ysKuPCsln5Qv8bzR9cxal8XjkxPogJfSNO31k= -github.com/containerd/typeurl/v2 v2.2.2/go.mod h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk= +github.com/containerd/typeurl/v2 v2.2.3 h1:yNA/94zxWdvYACdYO8zofhrTVuQY73fFU1y++dYSw40= +github.com/containerd/typeurl/v2 v2.2.3/go.mod h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk= @@ -566,12 +562,12 @@ github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5Qvfr github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dlclark/regexp2 v1.4.0 h1:F1rxgk7p4uKjwIQxBs9oAXe5CqrXlCduYEJvrF4u93E= github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= -github.com/docker/cli v27.3.1+incompatible h1:qEGdFBF3Xu6SCvCYhc7CzaQTlBmqDuzxPDpigSyeKQQ= -github.com/docker/cli v27.3.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v27.4.0-rc.2+incompatible h1:A0GZwegDlt2wdt3tpmrUzkVOZmbhvd7i05wPSf7Oo74= +github.com/docker/cli v27.4.0-rc.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v27.3.1+incompatible h1:KttF0XoteNTicmUtBO0L2tP+J7FGRFTjaEF4k6WdhfI= -github.com/docker/docker v27.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v27.4.0-rc.2+incompatible h1:9OJjVGtelk/zGC3TyKweJ29b9Axzh0s/0vtU4mneumE= +github.com/docker/docker v27.4.0-rc.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= @@ -1064,8 +1060,8 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs= -github.com/moby/buildkit v0.17.2 h1:/jgk/MuXbA7jeXMkknOpHYB+Ct4aNvQHkBB7SxD3D4U= -github.com/moby/buildkit v0.17.2/go.mod h1:vr5vltV8wt4F2jThbNOChfbAklJ0DOW11w36v210hOg= +github.com/moby/buildkit v0.18.0 h1:KSelhNINJcNA3FCWBbGCytvicjP+kjU5kZlZhkTUkVo= +github.com/moby/buildkit v0.18.0/go.mod h1:vCR5CX8NGsPTthTg681+9kdmfvkvqJBXEv71GZe5msU= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= diff --git a/integration/check_examples_test.go b/integration/check_examples_test.go index f92141a2..87d97c73 100644 --- a/integration/check_examples_test.go +++ b/integration/check_examples_test.go @@ -94,7 +94,7 @@ func setupTarget(t *testing.T) string { func writeExamples(t *testing.T, examples []string, provider, cacheDir string, id string, typ string) { for i, example := range examples { - name := "test" + extensionByProvider(provider) + name := fileNameByProvider(provider) file := filepath.Join(cacheDir, id, provider, typ, strconv.Itoa(i), name) require.NoError(t, os.MkdirAll(filepath.Dir(file), fs.ModePerm)) require.NoError(t, os.WriteFile(file, []byte(example), fs.ModePerm)) @@ -154,12 +154,14 @@ func getFailureIDs(report types.Report) map[string][]string { return ids } -func extensionByProvider(provider string) string { +func fileNameByProvider(provider string) string { switch provider { case "terraform": - return ".tf" + return "main.tf" case "cloudformation": - return ".yaml" + return "template.yaml" + case "dockerfile": + return "Dockerfile" } - panic("unreachable") + panic("unreachable: " + provider) } diff --git a/internal/examples/examples.go b/internal/examples/examples.go index 999e63b0..3ed9de29 100644 --- a/internal/examples/examples.go +++ b/internal/examples/examples.go @@ -33,6 +33,10 @@ func GetCheckExamples(r scan.Rule) (CheckExamples, string, error) { // TODO: use `examples` field after adding func getCheckExamplesPath(r scan.Rule) string { + if r.Examples != "" { + return r.Examples + } + for _, eng := range []*scan.EngineMetadata{r.Terraform, r.CloudFormation} { if eng == nil { continue