Skip to content

fix: add container test target reference support [CN-71] #5881

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aarlaud merged 3 commits into from
May 12, 2025
Merged

fix: add container test target reference support [CN-71] #5881

aarlaud merged 3 commits into from
May 12, 2025

Conversation

@aarlaud
Copy link
Contributor

@aarlaud aarlaud commented May 7, 2025
edited
Loading

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Adds test cases for the target ref support in container monitor and test, following support addition in the snyk-docker-plugin snyk/snyk-docker-plugin#649.

Where should the reviewer start?

This change mainly bumps the docker plugin to 7.0.1 and add tests for the newly added target reference support in snyk container test.

How should this be manually tested?

Running snyk container test <IMAGE> --target-reference=<VALUE> should send a payload containing the target reference in the scanResult object sent to /test-dependencies endpoint.

What's the product update that needs to be communicated to CLI users?

The product update is deferred to a later time. This change currently requires a FF in the platform to be effective.
While the plan is for a wider rollout, we're taking extra precautions to validate that no one is relying on the "erroneous" behavior.

Behavior that could cause a change is a particular combination of circumstances:

  • snyk container monitored projects with target reference (currently supported).
  • snyk container test with target reference (currently not supported, but some users might have implemented it regardless). In that case, the change would possibly change results if particular ignores are associated to that target reference AND are different than the ignores for no target reference.
    We're extracting data to confirm no one fit this particular scenario and will reach out to individual cases if any to notify them of the upcoming change.

What are the relevant tickets?

https://snyksec.atlassian.net/browse/CN-71

@aarlaud aarlaud force-pushed the fix/CN-71-add-target-reference-support-for-cli-snyk-container-test branch 3 times, most recently from 670afb1 to c1e12d8 Compare May 9, 2025 15:07
@aarlaud aarlaud marked this pull request as ready for review May 9, 2025 15:08
@aarlaud aarlaud requested a review from a team as a code owner May 9, 2025 15:08
@snyk snyk deleted a comment from github-actions bot May 9, 2025
@aarlaud aarlaud force-pushed the fix/CN-71-add-target-reference-support-for-cli-snyk-container-test branch from 0a288c0 to 5102bf4 Compare May 9, 2025 20:28
@aarlaud
fix: add container test target reference support [CN-71]
61b391b 
chore: fix test and add target ref in cli cmds docs

fix: pin particular docker plugin version
@aarlaud aarlaud force-pushed the fix/CN-71-add-target-reference-support-for-cli-snyk-container-test branch from a8659d9 to 61b391b Compare May 12, 2025 10:08
@snyk snyk deleted a comment from github-actions bot May 12, 2025
@github-actions
Copy link
Contributor

github-actions bot commented May 12, 2025
edited
Loading

Warnings
⚠️ There are multiple commits on your branch, please squash them locally before merging!
⚠️

"Merge branch 'main' into fix/CN-71-add-target-reference-support-for-cli-snyk-container-test" is too long. Keep the first line of your commit message under 72 characters.

Generated by 🚫 dangerJS against 8f6601e

@aarlaud aarlaud closed this May 12, 2025
@aarlaud aarlaud reopened this May 12, 2025
@aarlaud aarlaud enabled auto-merge May 12, 2025 16:00
@aarlaud aarlaud merged commit 080820c into main May 12, 2025
7 checks passed
@aarlaud aarlaud deleted the fix/CN-71-add-target-reference-support-for-cli-snyk-container-test branch May 12, 2025 19:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@danlucian danlucian danlucian approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aarlaud @danlucian