diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go index 5a9cb18e0..0aa4fdd6e 100644 --- a/e2etests/testcase_test.go +++ b/e2etests/testcase_test.go @@ -45,8 +45,10 @@ func init() { // Cases which rely on a disabled feature flag are filtered out. var testCases = []testCase{ { - image: "ubuntu:16.04", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-16.04", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, checkProvidedExecutables: true, @@ -91,8 +93,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/library/nginx:1.10", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:nginx-1.10", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "debian:8", expectedFeatures: []apiV1.Feature{ @@ -102,7 +106,7 @@ var testCases = []testCase{ VersionFormat: "dpkg", Version: "1:3.3-1", Vulnerabilities: nil, - AddedBy: "sha256:6d827a3ef358f4fa21ef8251f95492e667da826653fd43641cef5a877dc03a70", + AddedBy: "sha256:b87f0972440570029cb139e9ea513c3b9aad24cc0051d7c50226dd7f345af109", }, { Name: "coreutils", @@ -160,13 +164,15 @@ var testCases = []testCase{ }, }, }, - AddedBy: "sha256:6d827a3ef358f4fa21ef8251f95492e667da826653fd43641cef5a877dc03a70", + AddedBy: "sha256:b87f0972440570029cb139e9ea513c3b9aad24cc0051d7c50226dd7f345af109", }, }, }, { - image: "docker.io/kaizheh/apache-struts2-cve-2017-5638:latest", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:kaizheh-apache-struts2-cve-2017-5638-latest", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", checkProvidedExecutables: true, namespace: "debian:8", @@ -530,14 +536,16 @@ var testCases = []testCase{ FixedBy: "1.0.9.8.6", }, }, - AddedBy: "sha256:9f0706ba7422412cd468804fee456786f88bed94bf9aea6dde2a47f770d19d27", + AddedBy: "sha256:a725810793221ffd6cc25a40bf9439d1bc10605735ca4da28af1e712ab8420de", FixedBy: "1.0.9.8.6", }, }, }, { - image: "docker.io/anchore/anchore-engine:v0.5.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:anchore-anchore-engine-v0.5.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "Red Hat", namespace: "centos:7", // This image is older than June 2020, so we need to explicitly request for an uncertified scan. @@ -1004,7 +1012,7 @@ var testCases = []testCase{ }, }, }, - AddedBy: "sha256:c8d67acdb2ffaebd638cf55a8fccc63693211060670aa7f0ea1d65b5d2c674dd", + AddedBy: "sha256:3a7df7a31d0379653de0a8eb812af69dbaa65e84e6dfa8da0162d23a2da5b26d", }, }, }, @@ -2491,8 +2499,11 @@ var testCases = []testCase{ // Verify digest-based scanning and also a v1 versioned image // This image result has two layers with the same digests, so it checks a duplicate layer case { - image: "docker.io/richxsl/rhel7@sha256:8f3aae325d2074d2dc328cb532d6e7aeb0c588e15ddf847347038fe0566364d6", - registry: "https://registry-1.docker.io", + // quay.io/rhacs-eng/qa:richxsl-rhel7-sha256-8f3aae325d2074d2dc328cb532d6e7aeb0c588e15ddf847347038fe0566364d6 + image: "quay.io/rhacs-eng/qa@sha256:092233f7907ea86d4480a2b3fd82fb836f518b9bff48aa9a73463fab4af40f65", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", uncertifiedRHEL: true, namespace: "centos:7", @@ -2502,7 +2513,7 @@ var testCases = []testCase{ NamespaceName: "centos:7", VersionFormat: "rpm", Version: "1.4.1-5.el7", - AddedBy: "sha256:1de5db95c59529b8423a336fac27e0bf8a9f4fced0fcc32377c9170ab481a8e9", + AddedBy: "sha256:17b2a618d73663dfbfc53ad5b0d74894ce659b6685d12301e13d2cebfa454b39", }, }, }, @@ -2523,8 +2534,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.13.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.13.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.13", @@ -2585,7 +2598,7 @@ var testCases = []testCase{ FixedBy: "2.12.6-r0", }, }, - AddedBy: "sha256:596ba82af5aaa3e2fd9d6f955b8b94f0744a2b60710e3c243ba3e4a467f051d1", + AddedBy: "sha256:9c4afaba1fb00d8f884dad50e7fd333196cbb2e03734c5b34bbcbfc5e38a9387", FixedBy: "2.12.6-r0", Executables: []*v1.Executable{ { @@ -2639,7 +2652,7 @@ var testCases = []testCase{ FixedBy: "1.32.1-r4", }, }, - AddedBy: "sha256:596ba82af5aaa3e2fd9d6f955b8b94f0744a2b60710e3c243ba3e4a467f051d1", + AddedBy: "sha256:9c4afaba1fb00d8f884dad50e7fd333196cbb2e03734c5b34bbcbfc5e38a9387", FixedBy: "1.32.1-r9", Executables: []*v1.Executable{ { @@ -2675,8 +2688,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.14.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.14.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.14", @@ -2712,7 +2727,7 @@ var testCases = []testCase{ FixedBy: "2.12.6-r0", }, }, - AddedBy: "sha256:5843afab387455b37944e709ee8c78d7520df80f8d01cf7f861aae63beeddb6b", + AddedBy: "sha256:27d926d71d0bbab9c30ef1caf3f631514971f7c7c9435f6ac7967ea0d1705e22", FixedBy: "2.12.6-r0", }, { @@ -2720,14 +2735,16 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.14", VersionFormat: "apk", Version: "1.33.1-r2", - AddedBy: "sha256:5843afab387455b37944e709ee8c78d7520df80f8d01cf7f861aae63beeddb6b", + AddedBy: "sha256:27d926d71d0bbab9c30ef1caf3f631514971f7c7c9435f6ac7967ea0d1705e22", FixedBy: "1.33.1-r7", }, }, }, { - image: "alpine:3.15.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.15.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.15", @@ -2737,21 +2754,23 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.15", VersionFormat: "apk", Version: "2.12.7-r3", - AddedBy: "sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3", + AddedBy: "sha256:f4a33864689e6fb2f052728abdf9e2ca75d28ee36cfafe0bda5b98efdea5772d", }, { Name: "busybox", NamespaceName: "alpine:v3.15", VersionFormat: "apk", Version: "1.34.1-r3", - AddedBy: "sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3", + AddedBy: "sha256:f4a33864689e6fb2f052728abdf9e2ca75d28ee36cfafe0bda5b98efdea5772d", FixedBy: "1.34.1-r5", }, }, }, { - image: "alpine:3.16.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.16.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.16", @@ -2834,8 +2853,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.17.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.17.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.17", @@ -2845,7 +2866,7 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.17", VersionFormat: "apk", Version: "2.12.10-r1", - AddedBy: "sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715", + AddedBy: "sha256:2815b02d45841c8d883e7b46b390e60fdfed11a471cccc85254595147e8e4588", }, }, }, @@ -2917,8 +2938,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/anchore/anchore-engine:v0.9.4", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:anchore-anchore-engine-v0.9.4", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "rhel:8", unexpectedFeatures: []apiV1.Feature{ @@ -2929,8 +2952,10 @@ var testCases = []testCase{ }, }, { - image: "elastic/logstash:7.13.3", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:elastic-logstash-7.13.3", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "centos:7", expectedFeatures: []apiV1.Feature{ @@ -3055,7 +3080,7 @@ var testCases = []testCase{ FixedBy: "2.12.3", }, }, - AddedBy: "sha256:c46de89b745ad8ba4400323d4ebc230a4b88cbbdbc92a862c92a743478abd617", + AddedBy: "sha256:477d0b4ccc14566aec80c3360aba6c84208c9d337727434c3914bd87b023dab3", Location: "usr/share/logstash/vendor/bundle/jruby/2.5.0/gems/logstash-input-tcp-6.0.10-java/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.0.10/logstash-input-tcp-6.0.10.jar:log4j-core", FixedBy: "2.12.4", }, @@ -3157,7 +3182,7 @@ var testCases = []testCase{ FixedBy: "2.17.0", }, }, - AddedBy: "sha256:c46de89b745ad8ba4400323d4ebc230a4b88cbbdbc92a862c92a743478abd617", + AddedBy: "sha256:477d0b4ccc14566aec80c3360aba6c84208c9d337727434c3914bd87b023dab3", Location: "usr/share/logstash/logstash-core/lib/jars/log4j-core-2.14.0.jar", FixedBy: "2.17.1", }, @@ -3253,8 +3278,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/busybox:1.35.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:busybox-1.35.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "busybox:1.35.0", }, @@ -3391,8 +3418,10 @@ var testCases = []testCase{ }, }, { - image: "ubuntu:22.04@sha256:cd3d86f1fb368c6a53659d467560010ab9e0695528127ea336fe32f68f7ba09f", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-22.04-sha256-cd3d86f1fb368c6a53659d467560010ab9e0695528127ea336fe32f68f7ba09f", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "ubuntu:22.04", @@ -3402,20 +3431,22 @@ var testCases = []testCase{ NamespaceName: "ubuntu:22.04", VersionFormat: "dpkg", Version: "3.118ubuntu5", - AddedBy: "sha256:6fa1296f44090f6150dfb96d6ae217a58b9d66c56d7a986c35657df6bd1a89f0", + AddedBy: "sha256:a0c79b13a593669e6152d94cfd64931dfe9fc897bc6507dfb4ae7fe57cd6e7ae", }, { Name: "apt", NamespaceName: "ubuntu:22.04", VersionFormat: "dpkg", Version: "2.4.5", - AddedBy: "sha256:6fa1296f44090f6150dfb96d6ae217a58b9d66c56d7a986c35657df6bd1a89f0", + AddedBy: "sha256:a0c79b13a593669e6152d94cfd64931dfe9fc897bc6507dfb4ae7fe57cd6e7ae", }, }, }, { - image: "ubuntu:22.10@sha256:4f9ec2c0aa321966bfe625bc485aa1d6e96549679cfdf98bb404dfcb8e141a7f", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-22.10-sha256-4f9ec2c0aa321966bfe625bc485aa1d6e96549679cfdf98bb404dfcb8e141a7f", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "ubuntu:22.10", @@ -4099,8 +4130,10 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, { - image: "alpine:3.18.3", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.18.3", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.18", @@ -4110,13 +4143,15 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda NamespaceName: "alpine:v3.18", VersionFormat: "apk", Version: "2.14.0-r2", - AddedBy: "sha256:7264a8db6415046d36d16ba98b79778e18accee6ffa71850405994cffa9be7de", + AddedBy: "sha256:97d7b294855ea22919bd873ce14c0bde0ba6702a2324133153d589153d96bd93", }, }, }, { - image: "debian:12.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:debian-12.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "debian:12", @@ -4167,8 +4202,10 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, { - image: "nginx:1.25.0-alpine", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:nginx-1.25.0-alpine", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "alpine:v3.17", onlyCheckSpecifiedVulns: true, @@ -4205,7 +4242,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, FixedBy: "1.8.7-r0", - AddedBy: "sha256:4aacde79cec42c8d0c5886185e70a16b107ae8c6b1a67d63d6efdb6d6978ed97", + AddedBy: "sha256:8ba39c19cf5d314e89905dfbfe4100fb747ecee0cba4a16104f4c3d904b22f21", }, { Name: "nghttp2", @@ -4239,7 +4276,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, FixedBy: "1.51.0-r2", - AddedBy: "sha256:4aacde79cec42c8d0c5886185e70a16b107ae8c6b1a67d63d6efdb6d6978ed97", + AddedBy: "sha256:8ba39c19cf5d314e89905dfbfe4100fb747ecee0cba4a16104f4c3d904b22f21", }, }, },