Cherry-pick for v1.3.x (#63)

* (fix)bdd: remove checks for monitor pods (#61) * (feat): Adding trivy security check to circle ci (#58) * Adding trivy security scan for chaos runner docker image * (fix) Fixed BDD URL issues (#64)
litmuschaos · Apr 15, 2020 · 96b0997 · 96b0997
1 parent 53bcf3b
commit 96b0997
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 8 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -58,6 +58,21 @@ jobs:
             - image.tar
             - env-vars
 
+  trivy-check:
+    machine: true
+    environment:
+      TRIVYARCH: "64bit"
+    steps:
+      - run: |
+          export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
+          echo ${VERSION} 
+          wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+          tar zxvf trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+          sudo apt-get update
+          sudo apt-get install rpm
+      - run: |
+          ./trivy --exit-code 0 --severity HIGH --no-progress litmuschaos/chaos-runner:ci
+          ./trivy --exit-code 0 --severity CRITICAL --no-progress litmuschaos/chaos-runner:ci
   push:
     machine: 
       image: circleci/classic:201808-01
@@ -99,6 +114,12 @@ workflows:
             ## build jobs needs to be run for branch commits as well as tagged releases
             tags:
               only: /.*/
+      - trivy-check:
+          requires:
+            - build
+          filters:
+            tags:
+              only: /.*/
       - push:
           requires: 
             - build
@@ -115,5 +136,4 @@ workflows:
             branches:
               ignore: /.*/
             tags:
-              only: /.*/
-
+              only: /.*/
diff --git a/tests/runner_test.go b/tests/runner_test.go
@@ -114,7 +114,7 @@ var _ = BeforeSuite(func() {
 		break
 	}
 
-	err = exec.Command("kubectl", "create", "-f", "https://hub.litmuschaos.io/api/chaos?file=charts/generic/pod-delete/experiment.yaml", "-n", "litmus").Run()
+	err = exec.Command("kubectl", "create", "-f", "https://hub.litmuschaos.io/api/chaos/master?file=charts/generic/experiments.yaml", "-n", "litmus").Run()
 	if err != nil {
 		klog.Infof("Unable to create Pod-Delete Experiment, due to error: %v", err)
 	}
@@ -225,12 +225,7 @@ var _ = Describe("BDD on chaos-runner", func() {
 			//Fetching engine-nginx-runner pod
 			runner, err := k8sClientSet.CoreV1().Pods("litmus").Get("engine-nginx-runner", metav1.GetOptions{})
 			Expect(err).To(BeNil())
-			//Fetching engine-nginx-exporter pod
-			exporter, err := k8sClientSet.CoreV1().Pods("litmus").Get("engine-nginx-monitor", metav1.GetOptions{})
-			Expect(err).To(BeNil())
 			Expect(string(runner.Status.Phase)).To(Or(Equal("Running"), Equal("Succeeded")))
-			Expect(string(exporter.Status.Phase)).To(Equal("Running"))
-
 		})
 	})
 	var jobName string