Fix breaking change with trivy in image sbom jobs

Adam Cohen requested to merge fix-failing-image-sbom-jobs into master

What does this MR do?

The image sbom jobs in gemnasium are currently failing due to this breaking change in trivy. The image sbom job was previously using the trivy sbom command to scan an image and create an SBOM. However, this breaking change updates the behaviour so that two separate commands are now needed in order to scan an SBOM:

  1. trivy image is used to create the image SBOM.
  2. trivy sbom is used to scan the image SBOM to detect vulnerabilities.

This MR updates the failing image sbom tests so they use the above two separate commands.

What are the relevant issue numbers?

No issue number

Does this MR meet the acceptance criteria?

Edited by Adam Cohen
