chore(secret): add reported issues related to secrets in junit template #8193

fabiogermann · 2024-12-31T16:21:36Z

Description

Adding a section for "Secrets" when scanning with trivy image --scanners secret <image> and using the JUnit output format --format template --template @contrib/junit.tpl

For a default output:

localhost/vulnerable:latest (secrets)

Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 1)

CRITICAL: GitLab (gitlab-pat)
═══════════════════════════════════════════════════════════════════════════════
GitLab Personal Access Token
────────────────────────────────────────────────────────
 localhost/vulnerable:latest:298
────────────────────────────────────────────────────────
 296     {
 297     "created": "2024-12-03T16:24:59Z",
 298 [ by": "|3 GITLAB_PRIVATE_TOKEN=************************** WA-
 299     "comment": "FROM f43dd38a5350"
────────────────────────────────────────────────────────

Before the template would produce:

<?xml version="1.0" ?>
<testsuites name="trivy">
    <testsuite tests="0" failures="0" name="localhost/vulnerable:latest" errors="0" skipped="0" time="">
    </testsuite>
    <testsuite tests="0" failures="0" name="localhost/vulnerable:latest" errors="0" skipped="0" time="">
    </testsuite>
</testsuites>

After the template would produce:

<?xml version="1.0" ?>
<testsuites name="trivy">
    <testsuite tests="0" failures="0" name="localhost/vulnerable:latest" errors="0" skipped="0" time="">
    </testsuite>
    <testsuite tests="0" failures="0" name="localhost/vulnerable:latest" errors="0" skipped="0" time="">
    </testsuite>
    <testsuite tests="1" failures="1" name="localhost/vulnerable:latest" time="0">
        <testcase classname="gitlab-pat" name="[CRITICAL] GitLab Personal Access Token">
            <failure message="GitLab Personal Access Token" type="description">by&#34;: &#34;|3 GITLAB_PRIVATE_TOKEN=************************** WA-</failure>
        </testcase>
    </testsuite>
</testsuites>

Related issues

n/a

Related PRs

n/a

Checklist

I've read the guidelines for contributing to this repository.
I've followed the conventions in the PR title.
I've added tests that prove my fix is effective or that my feature works.
I've updated the documentation with the relevant information (if needed).
I've added usage information (if the PR introduces new options)
I've included a "before" and "after" example to the description (if the PR is a user interface change).

CLAassistant · 2024-12-31T16:21:42Z

All committers have signed the CLA.

knqyf263

Please mark the secret scanning as supported here.
https://trivy.dev/latest/docs/configuration/reporting/#junit

Looks like we forgot to mark the license scanning.

feat: added reported secrets in junit template

d0be964

fabiogermann requested a review from knqyf263 as a code owner December 31, 2024 16:21

fabiogermann changed the title ~~chore(secret): added reported issues related to secrets in junit template~~ chore(secret): add reported issues related to secrets in junit template Dec 31, 2024

knqyf263 reviewed Jan 6, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(secret): add reported issues related to secrets in junit template #8193

chore(secret): add reported issues related to secrets in junit template #8193

fabiogermann commented Dec 31, 2024

CLAassistant commented Dec 31, 2024 •

edited

Loading

knqyf263 left a comment

chore(secret): add reported issues related to secrets in junit template #8193

Are you sure you want to change the base?

chore(secret): add reported issues related to secrets in junit template #8193

Conversation

fabiogermann commented Dec 31, 2024

Description

Related issues

Related PRs

Checklist

CLAassistant commented Dec 31, 2024 • edited Loading

knqyf263 left a comment

Choose a reason for hiding this comment

CLAassistant commented Dec 31, 2024 •

edited

Loading