The Trivy integration has currently no integration tests. This should be changed so that we can detect issues in the integration early and reliably.
The tests were initially skipped as trivy downloads it's database every time a scan gets executed (unless it's cached), which can lead to flaky test failures.
Ideally when adding the tests a good workaround for this issue can be identified which allows us to load the cache locally so that we don't have to rely on the network connection to the trivy cache service to work during the test.
If not such workaround can be found or is too timeconsuming, it would be ok to add these as is and rely on our existing jest retries to restart false positive test failures.
The Trivy integration has currently no integration tests. This should be changed so that we can detect issues in the integration early and reliably.
The tests were initially skipped as trivy downloads it's database every time a scan gets executed (unless it's cached), which can lead to flaky test failures.
Ideally when adding the tests a good workaround for this issue can be identified which allows us to load the cache locally so that we don't have to rely on the network connection to the trivy cache service to work during the test.
If not such workaround can be found or is too timeconsuming, it would be ok to add these as is and rely on our existing jest retries to restart false positive test failures.