Skip to content

chore(deps): update terraform aws to ~> 5.33.0 #17

chore(deps): update terraform aws to ~> 5.33.0

chore(deps): update terraform aws to ~> 5.33.0 #17

Workflow file for this run

name: Tests
on:
push:
branches:
- main
pull_request:
defaults:
run:
shell: bash
jobs:
test-check:
name: trivy (github-check)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./
continue-on-error: true
id: test
with:
github_token: ${{ secrets.github_token }}
trivy_command: config
trivy_target: .
reporter: github-check
level: info
working_directory: testdata/with_detections
# The check is expected to fail on the test data
- name: Check return codes
if: success() || failure ()
run: |
trivy_return="${{ steps.test.outputs.trivy-return-code }}"
reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
if [[ "$trivy_return" -eq 1 ]]; then
echo "trivy correctly returned failure ${trivy_return}"
else
echo "trivy returned ${trivy_return}, expected '1'. Failing..."
exit 1
fi
if [[ "$reviewdog_return" -eq 0 ]]; then
echo "reviewdog correctly returned success: ${reviewdog_return}"
else
echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
exit 1
fi
test-check-without-detections:
name: trivy (github-check-without-detections)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./
continue-on-error: true
id: test
with:
github_token: ${{ secrets.github_token }}
trivy_command: config
trivy_target: .
reporter: github-check
level: info
working_directory: testdata/without_detections
# The check is expected to fail on the test data
- name: Check return codes
if: success() || failure ()
run: |
trivy_return="${{ steps.test.outputs.trivy-return-code }}"
reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
if [[ "$trivy_return" -eq 0 ]]; then
echo "trivy correctly returned success ${trivy_return}"
else
echo "trivy returned ${trivy_return}, expected '0'. Failing..."
exit 1
fi
if [[ "$reviewdog_return" -eq 0 ]]; then
echo "reviewdog correctly returned success: ${reviewdog_return}"
else
echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
exit 1
fi
test-pr-check:
if: github.event_name == 'pull_request'
name: trivy (github-pr-check)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./
continue-on-error: true
id: test
with:
github_token: ${{ secrets.github_token }}
trivy_command: config
trivy_target: .
reporter: github-pr-check
level: info
working_directory: testdata/with_detections
# The check is expected to fail on the test data
- name: Check return codes
if: success() || failure ()
run: |
trivy_return="${{ steps.test.outputs.trivy-return-code }}"
reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
if [[ "$trivy_return" -eq 1 ]]; then
echo "trivy correctly returned failure ${trivy_return}"
else
echo "trivy returned ${trivy_return}, expected '1'. Failing..."
exit 1
fi
if [[ "$reviewdog_return" -eq 0 ]]; then
echo "reviewdog correctly returned success: ${reviewdog_return}"
else
echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
exit 1
fi
test-pr-review:
if: github.event_name == 'pull_request'
name: trivy (github-pr-review)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./
continue-on-error: true
id: test
with:
github_token: ${{ secrets.github_token }}
trivy_command: config
trivy_target: .
reporter: github-pr-review
level: info
working_directory: testdata/with_detections
# The check is expected to fail on the test data
# but for forked PRs reviewdog will just output
# on the PR and report success
- name: Check return codes
if: success() || failure ()
run: |
trivy_return="${{ steps.test.outputs.trivy-return-code }}"
reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
if [[ "$trivy_return" -eq 1 ]]; then
echo "trivy correctly returned failure ${trivy_return}"
else
echo "trivy returned ${trivy_return}, expected '1'. Failing..."
exit 1
fi
if [[ "$reviewdog_return" -eq 0 ]]; then
echo "reviewdog correctly returned success: ${reviewdog_return}"
else
echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
exit 1
fi
test-operating-systems:
strategy:
fail-fast: false
matrix:
platform: [ubuntu-latest, macos-latest, windows-latest]
name: trivy (${{ matrix.platform }})
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- uses: ./
continue-on-error: true
id: test
with:
github_token: ${{ secrets.github_token }}
trivy_command: config
trivy_target: .
reporter: github-check
level: info
working_directory: testdata/with_detections
# The check is expected to fail on the test data
- name: Check return codes
if: success() || failure ()
run: |
trivy_return="${{ steps.test.outputs.trivy-return-code }}"
reviewdog_return="${{ steps.test.outputs.reviewdog-return-code }}"
if [[ "$trivy_return" -eq 1 ]]; then
echo "trivy correctly returned failure ${trivy_return}"
else
echo "trivy returned ${trivy_return}, expected '1'. Failing..."
exit 1
fi
if [[ "$reviewdog_return" -eq 0 ]]; then
echo "reviewdog correctly returned success: ${reviewdog_return}"
else
echo "reviewdog returned ${reviewdog_return}, expected '0'. Failing..."
exit 1
fi