Update version, direct download, add container image test

lindycoder · lindycoder · commit f5cacf5b6c1d · 2025-11-18T09:01:23.000-05:00
diff --git a/.github/workflows/smoke-tests.yaml b/.github/workflows/smoke-tests.yaml
@@ -15,7 +15,7 @@ jobs:
         with:
           fetch-depth: 0  # Need full history to detect changes
       - name: Run Tests
-        uses: martin-boost-dev/boostsec-registry-test-action@f624e775372674de7935d77a277e6695136dbae4
+        uses: martin-boost-dev/boostsec-registry-test-action@0f00699e4cd4a7adee7d1cbe9b3d9c8c53171d07
         with:
           provider: github
           provider-config: |
@@ -38,7 +38,7 @@ jobs:
         with:
           fetch-depth: 0  # Need full history to detect changes
       - name: Run Tests
-        uses: martin-boost-dev/boostsec-registry-test-action@f624e775372674de7935d77a277e6695136dbae4
+        uses: martin-boost-dev/boostsec-registry-test-action@0f00699e4cd4a7adee7d1cbe9b3d9c8c53171d07
         with:
           provider: gitlab
           provider-config: |
@@ -59,7 +59,7 @@ jobs:
         with:
           fetch-depth: 0  # Need full history to detect changes
       - name: Run Tests
-        uses: martin-boost-dev/boostsec-registry-test-action@f624e775372674de7935d77a277e6695136dbae4
+        uses: martin-boost-dev/boostsec-registry-test-action@0f00699e4cd4a7adee7d1cbe9b3d9c8c53171d07
         with:
           provider: azure
           provider-config: |
@@ -82,7 +82,7 @@ jobs:
         with:
           fetch-depth: 0  # Need full history to detect changes
       - name: Run Tests
-        uses: martin-boost-dev/boostsec-registry-test-action@f624e775372674de7935d77a277e6695136dbae4
+        uses: martin-boost-dev/boostsec-registry-test-action@0f00699e4cd4a7adee7d1cbe9b3d9c8c53171d07
         with:
           provider: bitbucket
           provider-config: |
diff --git a/scanners/boostsecurityio/trivy-fs/tests.yaml b/scanners/boostsecurityio/trivy-fs/tests.yaml
@@ -1,10 +1,12 @@
 version: "1.0"
 tests:
-  - name: "Source code scan"
+  - name: "gitleaks"
     type: "source-code"
     source:
-      url: "https://github.com/martin-boost-dev/boost-poc-registry-testing-trivy"
+      url: "git@github.com:gitleaks/gitleaks.git"
+      ref: "v8.15.2"
+  - name: "osv-scanner"
+    type: "source-code"
+    source:
+      url: "git@github.com:google/osv-scanner.git"
       ref: "main"
-    scan_paths:
-      - "rclone"
-      - "osv-scanner"
diff --git a/scanners/boostsecurityio/trivy-image/tests.yaml b/scanners/boostsecurityio/trivy-image/tests.yaml
@@ -0,0 +1,10 @@
+version: "1.0"
+tests:
+  - name: "Image scanning"
+    type: "container-image"
+    source:
+      url: "https://github.com/martin-boost-dev/boost-poc-registry-testing-trivy"
+      ref: "main"
+    scan_paths:
+      - "rclone"
+      - "osv-scanner"
