Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add debug mode parameter #266

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

feat: add debug mode parameter #266

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
0d42daf
add debug mode parameter
calinmarina Oct 10, 2023
9118283
chore: update test results
calinmarina Oct 10, 2023
ed7bcc5
trim boolean value
calinmarina Oct 10, 2023
290218d
fix: place debug mode variable in global category
calinmarina Oct 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 5 additions & 0 deletions action.yaml
View file
Open in desktop
Expand Up @@ -91,6 +91,10 @@ inputs:
limit-severities-for-sarif:
description: 'limit severities for SARIF format'
required: false
debug-mode:
description: 'debug mode'
required: false
default: 'false'

runs:
using: 'docker'
Expand Down Expand Up @@ -119,3 +123,4 @@ runs:
- '-u ${{ inputs.github-pat }}'
- '-v ${{ inputs.trivy-config }}'
- '-z ${{ inputs.limit-severities-for-sarif }}'
- '-x ${{ inputs.debug }}'
9 changes: 8 additions & 1 deletion entrypoint.sh
View file
Open in desktop
@@ -1,6 +1,6 @@
#!/bin/bash
set -e
while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:z:" o; do
while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:z:x:" o; do
case "${o}" in
a)
export scanType=${OPTARG}
Expand Down Expand Up @@ -71,6 +71,9 @@ while getopts "a:b:c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v:z:" o; do
z)
export limitSeveritiesForSARIF=${OPTARG}
;;
x)
export debugMode=${OPTARG}
;;
esac
done

Expand All @@ -88,11 +91,15 @@ fi
ignoreUnfixed=$(echo $ignoreUnfixed | tr -d '\r')
hideProgress=$(echo $hideProgress | tr -d '\r')
limitSeveritiesForSARIF=$(echo $limitSeveritiesForSARIF | tr -d '\r')
debugMode=$(echo $debugMode | tr -d '\r')

GLOBAL_ARGS=""
if [ $cacheDir ];then
GLOBAL_ARGS="$GLOBAL_ARGS --cache-dir $cacheDir"
fi
if [ "$debugMode" == "true" ];then
GLOBAL_ARGS="$GLOBAL_ARGS --debug"
fi

SARIF_ARGS=""
ARGS=""
Expand Down
20 changes: 16 additions & 4 deletions test/data/image-trivyignores.test
View file
Open in desktop
Expand Up @@ -27,10 +27,10 @@ Total: 19 (CRITICAL: 19)
│ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
│ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ git │ CVE-2018-17456 │ │ │ 2.15.2-r0 │ 2.15.3-r0 │ git: arbitrary code execution via .gitmodules │
│ git │ CVE-2018-17456 │ │ │ 2.15.2-r0 │ 2.15.3-r0 │ arbitrary code execution via .gitmodules
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-17456 │
│ ├────────────────┤ │ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-1353 │ │ │ │ 2.15.4-r0 │ git: NTFS protections inactive when running Git in the │
Expand Down Expand Up @@ -58,7 +58,7 @@ Total: 19 (CRITICAL: 19)
│ │ CVE-2019-5481 │ │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
│ ├────────────────┤ │ │ │ ├──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-5482 │ │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
│ │ CVE-2019-5482 │ │ │ │ │ heap buffer overflow in function tftp_receive_packet()
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ musl │ CVE-2019-14697 │ │ │ 1.1.18-r3 │ 1.1.18-r4 │ musl libc through 1.1.23 has an x87 floating-point stack │
Expand All @@ -69,6 +69,18 @@ Total: 19 (CRITICAL: 19)
│ │ │ │ │ │ │ │
│ │ │ │ │ │ │ │
├─────────────┼────────────────┤ │ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ sqlite: heap out-of-bound read in function rtreenode() │
│ sqlite-libs │ CVE-2019-8457 │ │ │ 3.21.0-r1 │ 3.25.3-r1 │ heap out-of-bound read in function rtreenode()
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-8457 │
└─────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

rust-app/Cargo.lock (cargo)
===========================
Total: 1 (CRITICAL: 1)

┌──────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
├──────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ smallvec │ CVE-2021-25900 │ CRITICAL │ fixed │ 0.6.9 │ 0.6.14, 1.6.1 │ An issue was discovered in the smallvec crate before 0.6.14 │
│ │ │ │ │ │ │ and 1.x... │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-25900 │
└──────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘