Fix breaking change with trivy in image sbom jobs
What does this MR do?
The image sbom
jobs in gemnasium
are currently failing due to this breaking change in trivy. The image sbom
job was previously using the trivy sbom
command to scan an image and create an SBOM, however, this breaking change updates the behaviour so two separate commands are now needed in order to scan an SBOM:
-
trivy image
is used to create the image SBOM. -
trivy sbom
is used to scan the image SBOM to detect vulnerabilities.
This MR updates the failing image sbom
tests so they use the above two separate commands.
What are the relevant issue numbers?
No issue number
Does this MR meet the acceptance criteria?
-
Tests added for this feature/bug See this comment for details about testing.
Edited by Adam Cohen