diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index fbda1ecb..524fe1cc 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -145,3 +145,10 @@ repos: entry: bash -c 'osv-scanner -r .' language: system stages: [commit, push] + + - id: trivy-vuln + name: Trivy (Vulnerabilities) + description: Check for security vulnerabilities. (https://trivy.dev) + entry: bash -c 'trivy fs --config trivy-vuln.yaml .' + language: system + stages: [commit, push] diff --git a/corefuncprovider/env_ensure_data_source_test.go b/corefuncprovider/env_ensure_data_source_test.go index 87f4851f..8d04e32d 100644 --- a/corefuncprovider/env_ensure_data_source_test.go +++ b/corefuncprovider/env_ensure_data_source_test.go @@ -46,7 +46,7 @@ func TestAccEnvEnsureDataSource(t *testing.T) { log.Fatalln(err) } - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("env_ensure_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_camel_data_source_test.go b/corefuncprovider/str_camel_data_source_test.go index 66852c54..16b52129 100644 --- a/corefuncprovider/str_camel_data_source_test.go +++ b/corefuncprovider/str_camel_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrCamelDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_camel_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_constant_data_source_test.go b/corefuncprovider/str_constant_data_source_test.go index e209df36..122c0b5c 100644 --- a/corefuncprovider/str_constant_data_source_test.go +++ b/corefuncprovider/str_constant_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrConstantDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_constant_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_iterative_replace_data_source_test.go b/corefuncprovider/str_iterative_replace_data_source_test.go index 1ddbc5bc..49b10d5a 100644 --- a/corefuncprovider/str_iterative_replace_data_source_test.go +++ b/corefuncprovider/str_iterative_replace_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrIterativeReplaceDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_iterative_replace_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_kebab_data_source_test.go b/corefuncprovider/str_kebab_data_source_test.go index d6f78800..ae20ecd2 100644 --- a/corefuncprovider/str_kebab_data_source_test.go +++ b/corefuncprovider/str_kebab_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrKebabDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_kebab_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_pascal_data_source_test.go b/corefuncprovider/str_pascal_data_source_test.go index aaf47ff0..d0bc8210 100644 --- a/corefuncprovider/str_pascal_data_source_test.go +++ b/corefuncprovider/str_pascal_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrPascalDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_pascal_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/str_snake_data_source_test.go b/corefuncprovider/str_snake_data_source_test.go index bb52d036..76144aa1 100644 --- a/corefuncprovider/str_snake_data_source_test.go +++ b/corefuncprovider/str_snake_data_source_test.go @@ -38,7 +38,7 @@ func TestAccStrSnakeDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("str_snake_data_source_fixture.tftpl"), ) diff --git a/corefuncprovider/truncate_label_data_source_test.go b/corefuncprovider/truncate_label_data_source_test.go index ed963748..fd259399 100644 --- a/corefuncprovider/truncate_label_data_source_test.go +++ b/corefuncprovider/truncate_label_data_source_test.go @@ -29,7 +29,7 @@ import ( ) func TestAccTruncateLabelDataSourceDefaultMaxLength64(t *testing.T) { - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("truncate_label_data_source_fixture_default64.tftpl"), ) @@ -66,7 +66,7 @@ func TestAccTruncateLabelDataSource(t *testing.T) { strings.TrimSpace(name), ) - buf := new(bytes.Buffer) + buf := &bytes.Buffer{} tmpl := template.Must( template.ParseFiles("truncate_label_data_source_fixture_maxlength.tftpl"), ) diff --git a/trivy-vuln.yaml b/trivy-vuln.yaml index 39b4acad..96ca9fa2 100644 --- a/trivy-vuln.yaml +++ b/trivy-vuln.yaml @@ -1,3 +1,4 @@ +--- cache: backend: fs clear: false @@ -14,7 +15,7 @@ db: dependency-tree: true exit-code: 1 format: table -ignore-policy: "" +ignore-policy: '' ignorefile: .trivyignore include-dev-deps: false insecure: false @@ -23,12 +24,12 @@ misconfiguration: include-non-failures: false policy-bundle-repository: ghcr.io/aquasecurity/defsec:0 reset-policy-bundle: false -output: "" +output: '' quiet: true report: all reset: false scan: - compliance: "" + compliance: '' file-patterns: [] offline: false rekor-url: https://rekor.sigstore.dev