From 96b0997346dee9b34746b224d8e97841b6f88a90 Mon Sep 17 00:00:00 2001
From: Rahul M Chheda <53308066+rahulchheda@users.noreply.github.com>
Date: Wed, 15 Apr 2020 19:11:47 +0530
Subject: [PATCH] Cherry-pick for v1.3.x (#63)
* (fix)bdd: remove checks for monitor pods (#61)
* (feat): Adding trivy security check to circle ci (#58)
* Adding trivy security scan for chaos runner docker image
* (fix) Fixed BDD URL issues (#64)
---
 .circleci/config.yml | 24 ++++++++++++++++++++++--
 tests/runner_test.go | 7 +------
 2 files changed, 23 insertions(+), 8 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index bc4b2c35..0d055dff 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -58,6 +58,21 @@ jobs:
 - image.tar
 - env-vars
+ trivy-check:
+ machine: true
+ environment:
+ TRIVYARCH: "64bit"
+ steps:
+ - run: |
+ export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
+ echo ${VERSION}
+ wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+ tar zxvf trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+ sudo apt-get update
+ sudo apt-get install rpm
+ - run: |
+ ./trivy --exit-code 0 --severity HIGH --no-progress litmuschaos/chaos-runner:ci
+ ./trivy --exit-code 0 --severity CRITICAL --no-progress litmuschaos/chaos-runner:ci
 push:
 machine:
 image: circleci/classic:201808-01
@@ -99,6 +114,12 @@ workflows:
 ## build jobs needs to be run for branch commits as well as tagged releases
 tags:
 only: /.*/
+ - trivy-check:
+ requires:
+ - build
+ filters:
+ tags:
+ only: /.*/
 - push:
 requires:
 - build
@@ -115,5 +136,4 @@ workflows:
 branches:
 ignore: /.*/
 tags:
- only: /.*/
-
+ only: /.*/
\ No newline at end of file
diff --git a/tests/runner_test.go b/tests/runner_test.go
index c13ded23..fef7e4f9 100644
--- a/tests/runner_test.go
+++ b/tests/runner_test.go
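Review bot: The first `run` step of `trivy-check` downloads and then runs whatever release the GitHub API reports as latest, with no pinned version and no integrity check on the tarball before `tar zxvf`, so the scanner binary is itself an unverified input to the pipeline. Pin the release in the job's `environment:` block, e.g. `TRIVY_VERSION: "<pinned-version>"`, and check the archive before unpacking, e.g. `echo "<expected-sha256>  trivy_${TRIVY_VERSION}_Linux-${TRIVYARCH}.tar.gz" | sha256sum -c -` (both values are placeholders to fill in from the release you have reviewed). The unauthenticated `curl` to api.github.com can also come back with a rate-limit response, which would leave `VERSION` empty and the `wget` URL malformed; a pinned version removes that failure mode too.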
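Review bot: `trivy-check` is wired as a sibling of `push`, with both listing only `build` under `requires`, so the scan cannot hold back publishing; and because both `./trivy` invocations in the job pass `--exit-code 0`, the job stays green whatever it finds. If the scan is meant to be a gate rather than a report, add `- trivy-check` under push's `requires` and run the CRITICAL pass with `--exit-code 1`. The job definition also shows no step that loads the `image.tar` persisted by `build`, so `litmuschaos/chaos-runner:ci` is presumably resolved from the registry rather than being the image built in this pipeline; worth confirming. The `push` entry continues past the end of this hunk.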
@@ -114,7 +114,7 @@ var _ = BeforeSuite(func() {
 break
 }
- err = exec.Command("kubectl", "create", "-f", "https://hub.litmuschaos.io/api/chaos?file=charts/generic/pod-delete/experiment.yaml", "-n", "litmus").Run()
+ err = exec.Command("kubectl", "create", "-f", "https://hub.litmuschaos.io/api/chaos/master?file=charts/generic/experiments.yaml", "-n", "litmus").Run()
 if err != nil {
 klog.Infof("Unable to create Pod-Delete Experiment, due to error: %v", err)
 }
@@ -225,12 +225,7 @@ var _ = Describe("BDD on chaos-runner", func() {
 //Fetching engine-nginx-runner pod
 runner, err := k8sClientSet.CoreV1().Pods("litmus").Get("engine-nginx-runner", metav1.GetOptions{})
 Expect(err).To(BeNil())
- //Fetching engine-nginx-exporter pod
- exporter, err := k8sClientSet.CoreV1().Pods("litmus").Get("engine-nginx-monitor", metav1.GetOptions{})
- Expect(err).To(BeNil())
 Expect(string(runner.Status.Phase)).To(Or(Equal("Running"), Equal("Succeeded")))
- Expect(string(exporter.Status.Phase)).To(Equal("Running"))
-
 })
 })
 var jobName string
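Review bot: The `klog.Infof` message still says "Pod-Delete Experiment" although the new URL applies `charts/generic/experiments.yaml`, and a failed `kubectl create` is only logged, so BeforeSuite carries on and the failure surfaces later as unrelated-looking spec errors. Prefer failing at this point, e.g. `Expect(err).To(BeNil(), "unable to create generic experiments")`, or at least update the message text. The manifest is also fetched from the hub's `master` path on every run, so this release-branch test applies whatever is published there at that moment; if the hub API accepts a release ref, pinning it would keep v1.3.x runs reproducible. The BeforeSuite body starts and ends outside this hunk.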