diff --git a/go.mod b/go.mod index 6adb0bdb..1ff28e4c 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.22.0 toolchain go1.22.2 require ( - github.com/aquasecurity/trivy v0.52.1-0.20240619045823-eb6d0d9779db + github.com/aquasecurity/trivy v0.52.1-0.20240619054236-36b3b772df21 github.com/docker/docker v26.1.3+incompatible github.com/liamg/iamgo v0.0.9 github.com/liamg/memoryfs v1.6.0 diff --git a/go.sum b/go.sum index d48654f3..e2e2fcab 100644 --- a/go.sum +++ b/go.sum @@ -218,6 +218,7 @@ github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d h1:4zour5S github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d/go.mod h1:1cPOp4BaQZ1G2F5fnw4dFz6pkOyXJI9KTuak8ghIl3U= github.com/aquasecurity/trivy v0.52.1-0.20240619045823-eb6d0d9779db h1:YmLi+1oP7N5sdnwJJOl+699SnQWp30RChdx5wFeKFU8= github.com/aquasecurity/trivy v0.52.1-0.20240619045823-eb6d0d9779db/go.mod h1:n6nge/wMfmdNfWxKnSFMDoOYStcYDrZDGrbkP2KASIk= +github.com/aquasecurity/trivy v0.52.1-0.20240619054236-36b3b772df21/go.mod h1:NSz5jJqsVcABONnEr90DYBeUyy0r6voIw+riatbT3XY= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index c244906a..c6e83cad 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -1,7 +1,7 @@ package spec import ( - "github.com/aquasecurity/trivy-checks/specs" + "github.com/aquasecurity/trivy-checks/pkg/specs" ) // Loader access compliance specs diff --git a/specs/compliance/aws-cis-1.2.yaml b/pkg/specs/compliance/aws-cis-1.2.yaml similarity index 100% rename from specs/compliance/aws-cis-1.2.yaml rename to pkg/specs/compliance/aws-cis-1.2.yaml diff --git a/specs/compliance/aws-cis-1.4.yaml b/pkg/specs/compliance/aws-cis-1.4.yaml similarity index 100% rename from specs/compliance/aws-cis-1.4.yaml rename to pkg/specs/compliance/aws-cis-1.4.yaml diff --git a/specs/compliance/docker-cis-1.6.0.yaml b/pkg/specs/compliance/docker-cis-1.6.0.yaml similarity index 100% rename from specs/compliance/docker-cis-1.6.0.yaml rename to pkg/specs/compliance/docker-cis-1.6.0.yaml diff --git a/specs/compliance/eks-cis-1.4.yaml b/pkg/specs/compliance/eks-cis-1.4.yaml similarity index 100% rename from specs/compliance/eks-cis-1.4.yaml rename to pkg/specs/compliance/eks-cis-1.4.yaml diff --git a/specs/compliance/k8s-cis-1.23.yaml b/pkg/specs/compliance/k8s-cis-1.23.yaml similarity index 100% rename from specs/compliance/k8s-cis-1.23.yaml rename to pkg/specs/compliance/k8s-cis-1.23.yaml diff --git a/specs/compliance/k8s-nsa-1.0.yaml b/pkg/specs/compliance/k8s-nsa-1.0.yaml similarity index 100% rename from specs/compliance/k8s-nsa-1.0.yaml rename to pkg/specs/compliance/k8s-nsa-1.0.yaml diff --git a/specs/compliance/k8s-pss-baseline-0.1.yaml b/pkg/specs/compliance/k8s-pss-baseline-0.1.yaml similarity index 100% rename from specs/compliance/k8s-pss-baseline-0.1.yaml rename to pkg/specs/compliance/k8s-pss-baseline-0.1.yaml diff --git a/specs/compliance/k8s-pss-restricted-0.1.yaml b/pkg/specs/compliance/k8s-pss-restricted-0.1.yaml similarity index 100% rename from specs/compliance/k8s-pss-restricted-0.1.yaml rename to pkg/specs/compliance/k8s-pss-restricted-0.1.yaml diff --git a/specs/loader.go b/pkg/specs/loader.go similarity index 100% rename from specs/loader.go rename to pkg/specs/loader.go diff --git a/specs/loader_test.go b/pkg/specs/loader_test.go similarity index 100% rename from specs/loader_test.go rename to pkg/specs/loader_test.go diff --git a/scripts/bundle.sh b/scripts/bundle.sh index b1501dd0..f6effa1a 100755 --- a/scripts/bundle.sh +++ b/scripts/bundle.sh @@ -34,6 +34,9 @@ for dir in config; do rsync -avr commands/$dir/* bundle/commands/$dir done +mkdir -p bundle/specs/compliance +rsync -avr pkg/specs/compliance bundle/specs + cp checks/.manifest bundle/ rm bundle/policies/.manifest sed -i -e "s/\[GITHUB_SHA\]/${RELEASE_VERSION}/" bundle/.manifest