diff --git a/test/scan-image.bats b/test/scan-image.bats index 5109e1a..2cf147b 100644 --- a/test/scan-image.bats +++ b/test/scan-image.bats @@ -5,7 +5,7 @@ setup_file() { } @test "docker daemon not reachable" { - run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 neuvector/scan-action + run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 neuvector/scan-action -e GITHUB_OUTPUT=${GITHUB_OUTPUT} echo "Status $status" echo "Output" echo -e $output @@ -14,7 +14,7 @@ setup_file() { } @test "invalid scanner image" { - run docker run --rm -e NV_SCANNER_IMAGE=invalid-image:latest -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e NV_SCANNER_IMAGE=invalid-image:latest -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -23,7 +23,7 @@ setup_file() { } @test "scan image with vulnerabilities but don't fail" { - run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -32,7 +32,7 @@ setup_file() { } @test "scan image with vulnerabilities and high severity fail" { - run docker run --rm -e HIGH_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e HIGH_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -41,7 +41,7 @@ setup_file() { } @test "scan image with vulnerabilities and medium severity fail" { - run docker run --rm -e MEDIUM_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e MEDIUM_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -50,7 +50,7 @@ setup_file() { } @test "scan image with vulnerabilities and specific CVE fail" { - run docker run --rm -e VUL_NAMES_TO_FAIL=invalid,CVE-2020-16156 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e VUL_NAMES_TO_FAIL=invalid,CVE-2020-16156 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -59,7 +59,7 @@ setup_file() { } @test "scan image with json output" { - run docker run --rm -e OUTPUT=json -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e OUTPUT=json -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -68,7 +68,7 @@ setup_file() { } @test "scan image with csv output" { - run docker run --rm -e OUTPUT=csv -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action + run docker run --rm -e OUTPUT=csv -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -e GITHUB_OUTPUT=${GITHUB_OUTPUT} -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output