Commit graph

38 commits

Author SHA1 Message Date
Dan Luhring
a82ae1f6c9
Skip signing for snapshot builds
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 09:12:46 -05:00
Dan Luhring
e93bf99d9d
Use snapshot build for pipeline CLI testing
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 08:58:02 -05:00
Dan Luhring
49b04f13eb
Add basic CLI tests for SBOM input
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-03-09 08:58:01 -05:00
Alfredo Deza
38e3405f0e remove schema-validation checks
No longer required since it is always going to be one schema imported as
part of `db`

Signed-off-by: Alfredo Deza <adeza@anchore.com>
2021-03-05 09:46:24 -05:00
Alex Goodman
627aa77842
remove CPE generation (rely on static CPES from syft instead)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-11-20 06:43:45 -05:00
Dan Luhring
d7a323b0be
Add signed and notarized ZIP release asset
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-11 17:30:50 -05:00
Dan Luhring
5725f26c04
Resolve security warning for macOS users (#194)
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-05 08:50:58 -05:00
Alex Goodman
da614aa4ac
bump syft version (add package.json, rename bundler to ruby)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-19 08:02:13 -04:00
Alex Goodman
86b0ae1ada
migrate to GHA pipeline (#176)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-07 14:57:59 -04:00
Alex Goodman
3c35e562bf
exclude size labels from release changelog
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 23:30:15 -04:00
Alex Goodman
75e3638468
add changelog generation into the release process (#167)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 16:59:00 -04:00
Alex Goodman
326afa3c41
Add OCI support + use URI schemes (#160)
* add oci support + update image schemes

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update to oci-dir

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* bump upstream stereoscope, testutils, and syft pins

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* fix malformed go.sum

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* pull in upstream syft json presenter updates

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 14:18:03 -04:00
Alex Goodman
f0f8f4bf02
add --fail-on threshold support (#156)
* add --fail-on threshold support

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* rename fail-on support functions and variables

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* remove UK spelling of canceled

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-21 17:12:21 -04:00
Alfredo Deza
57d777cf04 tests: add cyclonedx schema check
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-09-21 11:17:51 -04:00
Alex Goodman
89a6201555
Disable prerelease version update check (#118)
* disable prerelease version update check

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* use prerelease flag as source of truth for user notifications

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-11 09:54:09 -04:00
Alex Goodman
56b9576a19
Add inline-comparison as acceptance test (#106)
* add inline-compare as acceptance tests

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* improve RPM matching with source indirection matching

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add comments to compare-* make targets

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* clean inline-compare image test names

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* bump syft version to get rpm field enhancements

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-10 11:03:48 -04:00
Alex Goodman
009dcb1a46
Ignore prerelease versions on release + add DB update URL (#76)
* ignore prerelease versions when uploading version file on release

* add db update url
2020-07-30 12:37:49 -04:00
Alex Goodman
e1b4ea5fda
add schema validation & fix schema status logic 2020-07-29 21:11:05 -04:00
Alex Goodman
8d84dfeb65
finalize update check URL 2020-07-27 15:13:10 -04:00
Alex Goodman
94636feffa
add bin name to makefile for version upload 2020-07-27 10:02:36 -04:00
Alex Goodman
c0dff6c0d2
upload version check file on release 2020-07-27 09:37:16 -04:00
Alex Goodman
959fa89cad
bump bouncer version 2020-07-25 16:55:13 -04:00
Alex Goodman
0faf81320d
rollup static analysis to make target 2020-07-25 16:41:59 -04:00
Alex Goodman
4220fc60a7
Add default table presenter (#59)
* add default table presenter

* compress table output

* fix table presenter found-by to use only search key
2020-07-25 11:38:08 -04:00
Alex Goodman
2835ccb23f
add snapshot check & enable release publishing 2020-07-25 11:08:54 -04:00
Alex Goodman
c5867b32ea
show verbose test output to prevent circleci kills 2020-07-23 21:47:23 -04:00
Alex Goodman
6340b2da3a
add release pipeline & replace imgbom with syft (#60) 2020-07-23 21:26:03 -04:00
Alex Goodman
c8bca755ff
Add integration tests (#54)
* add integration tests + add matcher types

* tweak db auto update var; rm dead cache cmd

* Update cmd/root.go

Co-authored-by: Alfredo Deza <adeza@anchore.com>

Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-21 12:34:39 -04:00
Alfredo Deza
83401f7fc3 tests: make the results dir if it doesn't exist
Signed-off-by: Alfredo Deza <adeza@anchore.com>
2020-07-17 13:58:07 -04:00
Alex Goodman
12aeee3b92
add java matcher (#44) 2020-07-15 07:17:21 -04:00
Alex Goodman
d585ebe6c1
add comparitive analysis (#46) 2020-07-13 13:55:39 -04:00
Alex Goodman
16f7579520
add license validation 2020-07-13 13:42:21 -04:00
Alex Goodman
765d5dfb5b
add rpm version + constraint, rpmdb matching; refactor dpkg constraint 2020-07-07 09:22:14 -04:00
Alex Goodman
b2151d080a
add coverage + makefile improvements 2020-07-06 07:26:24 -04:00
Alex Goodman
92cf98ab12
sync vulnscan db changes 2020-06-28 07:22:27 -04:00
Alex Goodman
9c70953dfb
add curation of db file 2020-06-19 10:57:06 -04:00
Alex Goodman
a3d1451833
add basic pipeline 2020-06-15 15:01:16 -04:00
Alex Goodman
3c6ae01619
initial project structure 2020-05-26 10:41:23 -04:00